author | Sune Vuorela <sune@vuorela.dk> | 2023-03-13 13:56:59 +0100 |
---|---|---|
committer | Albert Astals Cid <tsdgeos@yahoo.es> | 2023-03-13 22:06:20 +0000 |
commit | fb49889fea6e6003d8b8e2d65de0ce58d6229d54 (patch) | |
tree | cb649307137b45c28c46cc6e682c1a34f5eb94cb | |
parent | fcb7b90ddbd6135e3fbf1032de07bc5b0e351df2 (diff) |
Simplify temp_certs memory handling
-rw-r--r-- | poppler/SignatureHandler.cc | 20 | ||||
-rw-r--r-- | poppler/SignatureHandler.h | 1 |
2 files changed, 14 insertions, 7 deletions
diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc
index 138f394a..d0f6e0fd 100644
--- a/poppler/SignatureHandler.cc
+++ b/poppler/SignatureHandler.cc
@@ -786,7 +786,7 @@ void SignatureHandler::setNSSPasswordCallback(const std::function<char *(const c
 PasswordFunction = f;
 }
-SignatureHandler::SignatureHandler(unsigned char *p7, int p7_length) : hash_context(nullptr), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr), temp_certs(nullptr)
+SignatureHandler::SignatureHandler(unsigned char *p7, int p7_length) : hash_context(nullptr), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr)
 {
 setNSSDir({});
 CMSitem.data = p7;
@@ -800,7 +800,7 @@ SignatureHandler::SignatureHandler(unsigned char *p7, int p7_length) : hash_cont
 }
 SignatureHandler::SignatureHandler(const char *certNickname, HashAlgorithm digestAlgTag)
- : hash_length(digestLength(digestAlgTag)), digest_alg_tag(digestAlgTag), CMSitem(), hash_context(nullptr), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr), temp_certs(nullptr)
+ : hash_length(digestLength(digestAlgTag)), digest_alg_tag(digestAlgTag), CMSitem(), hash_context(nullptr), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr)
 {
 setNSSDir({});
 CMSMessage = NSS_CMSMessage_Create(nullptr);
@@ -835,14 +835,24 @@ SignatureHandler::~SignatureHandler()
 {
 SECITEM_FreeItem(&CMSitem, PR_FALSE);
 if (CMSMessage) {
+ // in the CMS_SignedDataCreate, we malloc some memory
+ // inside the CMSSignedData structure
+ // which is otherwise destructed by NSS_CMSMessage_Destroy
+ // but given we did the malloc ourselves
+ // we also need to free it ourselves.
+ // After we free the surrounding memory but we need
+ // a handle to it before.
+ CERTCertificate **toFree = nullptr;
+ if (CMSSignedData) {
+ toFree = CMSSignedData->tempCerts;
+ }
 NSS_CMSMessage_Destroy(CMSMessage);
+ free(toFree);
 }
 if (signing_cert) {
 CERT_DestroyCertificate(signing_cert);
 }
-
- free(temp_certs);
 }
 NSSCMSMessage *SignatureHandler::CMS_MessageCreate(SECItem *cms_item)
@@ -888,8 +898,6 @@ NSSCMSSignedData *SignatureHandler::CMS_SignedDataCreate(NSSCMSMessage *cms_msg)
 for (i = 0; signedData->rawCerts[i]; ++i) {
 signedData->tempCerts[i] = CERT_NewTempCertificate(CERT_GetDefaultCertDB(), signedData->rawCerts[i], nullptr, 0, 0);
 }
-
- temp_certs = signedData->tempCerts;
 return signedData;
 } else {
 return nullptr;
diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h
index 5f7a6b20..b45a27e7 100644
--- a/poppler/SignatureHandler.h
+++ b/poppler/SignatureHandler.h
@@ -96,7 +96,6 @@ private:
 NSSCMSSignedData *CMSSignedData;
 NSSCMSSignerInfo *CMSSignerInfo;
 CERTCertificate *signing_cert;
- CERTCertificate **temp_certs;
 static std::string sNssDir;
 }; |
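Review bot: In `~SignatureHandler()`, `free(toFree)` now releases whatever pointer `CMSSignedData->tempCerts` holds at teardown, whereas the removed `temp_certs` member held exactly the array this class allocated in CMS_SignedDataCreate. That is only safe while nothing else ever stores an array in that field; if NSS or the signing-constructor path (neither visible in these hunks) sets it to arena-owned memory, this becomes an invalid free. The comment should state that invariant, and its last sentence is hard to parse; I would replace the final two comment lines with `// tempCerts is malloc'ed only by CMS_SignedDataCreate, never by NSS; read it before NSS_CMSMessage_Destroy releases CMSSignedData, free it afterwards.` The allocation itself sits in CMS_SignedDataCreate above the lines shown in the `-888` hunk, so the malloc/free pairing cannot be checked from this diff alone.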