Do not leak a reference to "slot" when decoding private key.

author Nick Mathewson <nickm@torproject.org>

Wed, 29 Aug 2018 19:17:47 +0000 (15:17 -0400)

committer Nick Mathewson <nickm@torproject.org>

Tue, 4 Sep 2018 18:52:35 +0000 (14:52 -0400)
author Nick Mathewson <nickm@torproject.org>
Wed, 29 Aug 2018 19:17:47 +0000 (15:17 -0400)
committer Nick Mathewson <nickm@torproject.org>
Tue, 4 Sep 2018 18:52:35 +0000 (14:52 -0400)
diff --git a/src/lib/crypt_ops/crypto_rsa_nss.c b/src/lib/crypt_ops/crypto_rsa_nss.c

index 517faa5c7b6a8013a416f4fed521e9645291071f..b6d8bb647d84a3dbee2dce96e381c42e03785f8b 100644 (file)
--- a/src/lib/crypt_ops/crypto_rsa_nss.c
+++ b/src/lib/crypt_ops/crypto_rsa_nss.c
@@ -683,6 +683,9 @@ crypto_pk_asn1_decode_private(const char *str, size_t len)
  {
    tor_assert(str);
    tor_assert(len < INT_MAX);
+  PK11SlotInfo *slot = PK11_GetBestSlot(CKM_RSA_PKCS, NULL);
+  if (!slot)
+    return NULL;
  
    SECKEYPrivateKeyInfo info = {
               .algorithm = {
@@ -699,7 +702,6 @@ crypto_pk_asn1_decode_private(const char *str, size_t len)
                              }
    };
  
-  PK11SlotInfo *slot = PK11_GetBestSlot(CKM_RSA_PKCS, NULL);
    SECStatus s;
    SECKEYPrivateKey *seckey = NULL;
  
@@ -722,5 +724,8 @@ crypto_pk_asn1_decode_private(const char *str, size_t len)
      crypto_nss_log_errors(LOG_WARN, "decoding an RSA private key");
    }
  
+  if (slot)
+    PK11_FreeSlot(slot);
+
    return output;
  }
author	Nick Mathewson <nickm@torproject.org>
	Wed, 29 Aug 2018 19:17:47 +0000 (15:17 -0400)
committer	Nick Mathewson <nickm@torproject.org>
	Tue, 4 Sep 2018 18:52:35 +0000 (14:52 -0400)