Bommels05/Mozilla
Bommels05/Mozilla
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

244865 MEM Leak in callbacks.c using SSL_RevealURL

Browse Source 
git-svn-id: svn://10.0.0.236/trunk@161720 18797224-902f-48f8-a5cc-f745e15eee43
This commit is contained in:
glen.beasley%sun.com 2004-09-03 18:32:03 +00:00
parent 341c2bd31d
commit abbc26f328
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
mozilla/security/jss/org/mozilla/jss/ssl/callbacks.c
View File

@ -343,7 +343,7 @@ SECStatus
JSSL_DefaultCertAuthCallback(void *arg, PRFileDesc *fd, PRBool checkSig,
PRBool isServer)
{
char * hostname;
char * hostname = NULL;
SECStatus rv = SECFailure;
SECCertUsage certUsage;
CERTCertificate *peerCert=NULL;
@ -376,9 +376,10 @@ JSSL_DefaultCertAuthCallback(void *arg, PRFileDesc *fd, PRBool checkSig,
* NB: This is our only defense against Man-In-The-Middle (MITM) attacks!
*/
hostname = SSL_RevealURL(fd); /* really is a hostname, not a URL */
if (hostname && hostname[0])
if (hostname && hostname[0]) {
rv = CERT_VerifyCertName(peerCert, hostname);
else
PORT_Free(hostname);
} else
rv = SECFailure;
if (peerCert) CERT_DestroyCertificate(peerCert);
@ -511,6 +512,7 @@ JSSL_JavaCertAuthCallback(void *arg, PRFileDesc *fd, PRBool checkSig,
hostname = SSL_RevealURL(fd); /* really is a hostname, not a URL */
if (hostname && hostname[0]) {
checkcn_rv = CERT_VerifyCertName(peerCert, hostname);
PORT_Free(hostname);
} else {
checkcn_rv = SECFailure;
}
@ -613,9 +615,6 @@ finish:
if( peerCert != NULL ) {
CERT_DestroyCertificate(peerCert);
}
if( hostname != NULL) {
PR_Free(hostname);
}
PORT_FreeArena(log.arena, PR_FALSE);
return retval;
}
@ -655,7 +654,6 @@ SECStatus
JSSL_ConfirmExpiredPeerCert(void *arg, PRFileDesc *fd, PRBool checkSig,
PRBool isServer)
{
char* hostname;
SECStatus rv=SECFailure;
SECCertUsage certUsage;
CERTCertificate* peerCert=NULL;
@ -689,9 +687,11 @@ JSSL_ConfirmExpiredPeerCert(void *arg, PRFileDesc *fd, PRBool checkSig,
if( peerCert == NULL ) {
rv = SECFailure;
} else {
char* hostname = NULL;
hostname = SSL_RevealURL(fd); /* really is a hostname, not a URL */
if (hostname && hostname[0]) {
rv = CERT_VerifyCertName(peerCert, hostname);
PORT_Free(hostname);
} else {
rv = SECFailure;
}