diff options
author | Noel Grandin <noel.grandin@collabora.co.uk> | 2021-05-17 19:42:05 +0200 |
---|---|---|
committer | Noel Grandin <noel.grandin@collabora.co.uk> | 2021-05-17 20:23:20 +0200 |
commit | 47ecc718e466db4d3976b697002f5d0a34b1a885 (patch) | |
tree | fc70cf0d1783de0d6634825c99515d3f761e78b4 /svl | |
parent | 192d7614b41dfeff4e6a507243f3a2948589ba8b (diff) |
fix some leaks in Signing
Change-Id: I1104e0611dbfbf18858cbae64bfbbbcd03d176f3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/115717
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
Diffstat (limited to 'svl')
-rw-r--r-- | svl/source/crypto/cryptosign.cxx | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/svl/source/crypto/cryptosign.cxx b/svl/source/crypto/cryptosign.cxx index 70696dafce50..61e9f6649cd9 100644 --- a/svl/source/crypto/cryptosign.cxx +++ b/svl/source/crypto/cryptosign.cxx @@ -1223,6 +1223,8 @@ bool Signing::Sign(OStringBuffer& rCMSHexBuffer) aCertID.hashAlgorithm.algorithm.data = nullptr; aCertID.hashAlgorithm.parameters.data = nullptr; SECOID_SetAlgorithmID(nullptr, &aCertID.hashAlgorithm, SEC_OID_SHA256, nullptr); + comphelper::ScopeGuard aAlgoGuard( + [&aCertID] () { SECOID_DestroyAlgorithmID(&aCertID.hashAlgorithm, false); } ); // Write ESSCertIDv2.certHash. SECItem aCertHashItem; auto pDerEncoded = reinterpret_cast<const unsigned char *>(aDerEncoded.getArray()); @@ -1273,6 +1275,8 @@ bool Signing::Sign(OStringBuffer& rCMSHexBuffer) SAL_WARN("svl.crypto", "my_SEC_StringToOID() failed"); return false; } + comphelper::ScopeGuard aGuard( + [&aOidData] () { SECITEM_FreeItem(&aOidData.oid, false); } ); aOidData.offset = SEC_OID_UNKNOWN; aOidData.desc = "id-aa-signingCertificateV2"; aOidData.mechanism = CKM_SHA_1; @@ -1292,7 +1296,7 @@ bool Signing::Sign(OStringBuffer& rCMSHexBuffer) cms_output.len = 0; PLArenaPool *arena = PORT_NewArena(10000); const ::comphelper::ScopeGuard aScopeGuard( - [&arena]() mutable { free(arena); } ); + [&arena]() mutable { PORT_FreeArena(arena, true); } ); NSSCMSEncoderContext *cms_ecx; // Possibly it would work to even just pass NULL for the password callback function and its @@ -2100,6 +2104,7 @@ bool Signing::Verify(const std::vector<unsigned char>& aData, } // Everything went fine + SECITEM_FreeItem(&aOidData.oid, false); PORT_Free(pActualResultBuffer); HASH_Destroy(pHASHContext); NSS_CMSSignerInfo_Destroy(pCMSSignerInfo); |