Fix a memory leak in net::CertVerifyProcMac::VerifyInternal

BUG=455533 Review URL: https://codereview.chromium.org/886933008 Cr-Commit-Position: refs/heads/master@{#314931}

Fix a memory leak in net::CertVerifyProcMac::VerifyInternal
BUG=455533 Review URL: https://codereview.chromium.org/886933008 Cr-Commit-Position: refs/heads/master@{#314931}
a52857b5 · rsleevi · Commit bot · 81b17e06 · a52857b5 · a52857b5
Commit a52857b5 authored Feb 05, 2015 by rsleevi Committed by Commit bot Feb 06, 2015
4 changed files
--- a/net/cert/cert_verify_proc_mac.cc
+++ b/net/cert/cert_verify_proc_mac.cc
@@ -490,8 +490,8 @@ int CertVerifyProcMac::VerifyInternal(
  // array of certificates, the first of which is the certificate we're
  // verifying, and the subsequent (optional) certificates are used for
  // chain building.
-  ScopedCFTypeRef<CFMutableArrayRef> cert_array(CFArrayCreateMutableCopy(
+  ScopedCFTypeRef<CFMutableArrayRef> cert_array(
-      kCFAllocatorDefault, 0, cert->CreateOSCertChainForCert()));
+      cert->CreateOSCertChainForCert());
  // Serialize all calls that may use the Keychain, to work around various
  // issues in OS X 10.6+ with multi-threaded access to Security.framework.

--- a/net/cert/x509_certificate.h
+++ b/net/cert/x509_certificate.h
@@ -251,12 +251,12 @@ class NET_EXPORT X509Certificate
  // Does this certificate's usage allow SSL client authentication?
  bool SupportsSSLClientAuth() const;
-  // Returns a new CFArrayRef containing this certificate and its intermediate
+  // Returns a new CFMutableArrayRef containing this certificate and its
-  // certificates in the form expected by Security.framework and Keychain
+  // intermediate certificates in the form expected by Security.framework
-  // Services, or NULL on failure.
+  // and Keychain Services, or NULL on failure.
  // The first item in the array will be this certificate, followed by its
  // intermediates, if any.
-  CFArrayRef CreateOSCertChainForCert() const;
+  CFMutableArrayRef CreateOSCertChainForCert() const;
 #endif
  // Do any of the given issuer names appear in this cert's chain of trust?

--- a/net/cert/x509_certificate_mac.cc
+++ b/net/cert/x509_certificate_mac.cc
@@ -449,7 +449,7 @@ bool X509Certificate::SupportsSSLClientAuth() const {
  return true;
 }
-CFArrayRef X509Certificate::CreateOSCertChainForCert() const {
+CFMutableArrayRef X509Certificate::CreateOSCertChainForCert() const {
  CFMutableArrayRef cert_list =
      CFArrayCreateMutable(kCFAllocatorDefault, 0,
                           &kCFTypeArrayCallBacks);

--- a/tools/valgrind/memcheck/suppressions_mac.txt
+++ b/tools/valgrind/memcheck/suppressions_mac.txt
@@ -259,13 +259,3 @@
   fun:_ZN4base3mac30PathForFrameworkBundleResourceEPK10__CFString
   fun:_ZN3gin13IsolateHolder14LoadV8SnapshotEv
 }
-{
-   bug_455533
-   Memcheck:Leak
-   fun:malloc_zone_malloc
-   fun:_CFRuntimeCreateInstance
-   fun:__CFArrayInit
-   fun:_ZNK3net15X509Certificate24CreateOSCertChainForCertEv
-   fun:_ZN3net17CertVerifyProcMac14VerifyInternalEPNS_15X509CertificateERKSsiPNS_6CRLSetERKSt6vectorI13scoped_refptrIS1_ESaIS9_EEPNS_16CertVerifyResultE
-   fun:_ZN3net14CertVerifyProc6VerifyEPNS_15X509CertificateERKSsiPNS_6CRLSetERKSt6vectorI13scoped_refptrIS1_ESaIS9_EEPNS_16CertVerifyResultE
-}