Skip to content

GitLab

T
tangled
Commit dd8d206c authored by Omar Morsi's avatar Omar Morsi Committed by Commit Bot
Browse files
Options

Fix memory leak in chrome.platformKeys 

SECItem is used a lot for performing NSS operations and it was
documented that to free a SECItem structure, SECItem_FreeItem should be
used. SECItem was usedin platform keys for NSS operation without
SECItem_FreeItem. For more information, please refer to:
https://developer.mozilla.org/en-US/docs/Mozilla/Projects/NSS/SSL_functions/ssltyp.html#1030620

This CL utilizes crypto::ScopedSECItem instead of SECItem.

Memory Leaks:

CheckSystemTokenAvailability/EnterprisePlatformKeysTest.Basic/0
Before this change: 10
After this change: 6

CheckSystemTokenAvailability/EnterprisePlatformKeysTest.Basic/1
Before this change: 8
After this change: 6

CheckSystemTokenAvailability/EnterprisePlatformKeysTest.Basic/2
Before this change: 8
After this hange: 6

CheckSystemTokenAvailability/EnterprisePlatformKeysTest.Basic/3
Before this change: 5
After this change: 3

Bug: chromium:1054911
Test: Manual and browser_tests --gtest_filter=*EnterprisePlatformKeysTest*
Change-Id: Ife95c0f84185d0bde9e9c564ba04c30da8aecab3
Reviewed-on: https://chromium-review.googlesource.com/c/chromium/src/+/2071017Reviewed-by: default avatarDavid Benjamin <davidben@chromium.org>
Reviewed-by: default avatarMaksim Ivanov <emaxx@chromium.org>
Commit-Queue: Omar Morsi <omorsi@google.com>
Cr-Commit-Position: refs/heads/master@{#744285}
parent adecd67f
Hide whitespace changes
Inline Side-by-side
Showing with 4 additions and 4 deletions
chrome/browser/chromeos/platform_keys/platform_keys_nss.cc
View file @ dd8d206c
...@@ -529,13 +529,13 @@ void SignRSAOnWorkerThread(std::unique_ptr<SignRSAState> state) { ...@@ -529,13 +529,13 @@ void SignRSAOnWorkerThread(std::unique_ptr<SignRSAState> state) {
break; break;
} }
SECItem sign_result = {siBuffer, nullptr, 0}; crypto::ScopedSECItem sign_result(SECITEM_AllocItem(nullptr, nullptr, 0));
if (SEC_SignData( if (SEC_SignData(
&sign_result, sign_result.get(),
reinterpret_cast<const unsigned char*>(state->data_.data()), reinterpret_cast<const unsigned char*>(state->data_.data()),
state->data_.size(), rsa_key.get(), sign_alg_tag) == SECSuccess) { state->data_.size(), rsa_key.get(), sign_alg_tag) == SECSuccess) {
signature_str.assign(sign_result.data, signature_str.assign(sign_result->data,
sign_result.data + sign_result.len); sign_result->data + sign_result->len);
} }
} }
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment