diff options
author | Kevin Jacobs <kjacobs@mozilla.com> | 2020-12-04 17:29:13 +0000 |
---|---|---|
committer | Kevin Jacobs <kjacobs@mozilla.com> | 2020-12-04 17:29:13 +0000 |
commit | d1f61fcdf0e24d96495edcfee67d4b1a370a2284 (patch) | |
tree | 560e75c343290905db5cab66b026cff551e2e385 | |
parent | 87cb67642e1a3cadb68edceda13155d53a26304a (diff) | |
download | nss-hg-d1f61fcdf0e24d96495edcfee67d4b1a370a2284.tar.gz |
Bug 1680400 - Fix memory leak in PK11_UnwrapPrivKey. r=bbeurdoucheNSS_3_60_BETA1
Differential Revision: https://phabricator.services.mozilla.com/D98772
-rw-r--r-- | gtests/pk11_gtest/pk11_aeskeywrappad_unittest.cc | 8 | ||||
-rw-r--r-- | lib/pk11wrap/pk11obj.c | 12 |
2 files changed, 14 insertions, 6 deletions
diff --git a/gtests/pk11_gtest/pk11_aeskeywrappad_unittest.cc b/gtests/pk11_gtest/pk11_aeskeywrappad_unittest.cc index 0f79abed5..ef78f7b0e 100644 --- a/gtests/pk11_gtest/pk11_aeskeywrappad_unittest.cc +++ b/gtests/pk11_gtest/pk11_aeskeywrappad_unittest.cc @@ -66,6 +66,14 @@ TEST_F(Pkcs11AESKeyWrapPadTest, WrapUnwrapECKey) { true, CKK_EC, usages, usageCount, nullptr)); ASSERT_EQ(0, PORT_GetError()); ASSERT_TRUE(!!unwrapped); + + // Try it with internal params allocation. + SECKEYPrivateKey* tmp = PK11_UnwrapPrivKey( + slot.get(), kek.get(), CKM_NSS_AES_KEY_WRAP_PAD, nullptr, wrapped.get(), + nullptr, &pubKey, false, true, CKK_EC, usages, usageCount, nullptr); + ASSERT_EQ(0, PORT_GetError()); + ASSERT_NE(nullptr, tmp); + unwrapped.reset(tmp); } // Encrypt an ephemeral RSA key diff --git a/lib/pk11wrap/pk11obj.c b/lib/pk11wrap/pk11obj.c index 4432b8e3a..aaaf6586f 100644 --- a/lib/pk11wrap/pk11obj.c +++ b/lib/pk11wrap/pk11obj.c @@ -1321,23 +1321,23 @@ PK11_UnwrapPrivKey(PK11SlotInfo *slot, PK11SymKey *wrappingKey, NULL, perm, sensitive); SECKEY_DestroyPrivateKey(privKey); PK11_FreeSlot(int_slot); + SECITEM_FreeItem(param_free, PR_TRUE); return newPrivKey; } } if (int_slot) PK11_FreeSlot(int_slot); PORT_SetError(PK11_MapError(crv)); + SECITEM_FreeItem(param_free, PR_TRUE); return NULL; } + SECITEM_FreeItem(param_free, PR_TRUE); return PK11_MakePrivKey(slot, nullKey, PR_FALSE, privKeyID, wincx); loser: - if (newKey) { - PK11_FreeSymKey(newKey); - } - if (ck_id) { - SECITEM_FreeItem(ck_id, PR_TRUE); - } + PK11_FreeSymKey(newKey); + SECITEM_FreeItem(ck_id, PR_TRUE); + SECITEM_FreeItem(param_free, PR_TRUE); return NULL; } |