[poppler] poppler/SignatureHandler.cc
GitLab Mirror
gitlab-mirror at kemper.freedesktop.org
Mon Mar 13 21:38:29 UTC 2023
poppler/SignatureHandler.cc | 19 +++++++++++--------
1 file changed, 11 insertions(+), 8 deletions(-)
New commits:
commit fcb7b90ddbd6135e3fbf1032de07bc5b0e351df2
Author: Sune Vuorela <sune at vuorela.dk>
Date: Mon Mar 13 14:28:08 2023 +0100
nss created message was leaked on most errors
Use a unique_ptr to ensure it is being destructed properly
diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc
index 9979119a..138f394a 100644
--- a/poppler/SignatureHandler.cc
+++ b/poppler/SignatureHandler.cc
@@ -1052,31 +1052,35 @@ std::unique_ptr<GooString> SignatureHandler::signDetached(const char *password)
/// Code from LibreOffice under MPLv2
/////////////////////////////////////
- NSSCMSMessage *cms_msg = NSS_CMSMessage_Create(nullptr);
+ struct NSSCMSMessageDestroyer
+ {
+ void operator()(NSSCMSMessage *message) { NSS_CMSMessage_Destroy(message); }
+ };
+ std::unique_ptr<NSSCMSMessage, NSSCMSMessageDestroyer> cms_msg { NSS_CMSMessage_Create(nullptr) };
if (!cms_msg) {
return nullptr;
}
- NSSCMSSignedData *cms_sd = NSS_CMSSignedData_Create(cms_msg);
+ NSSCMSSignedData *cms_sd = NSS_CMSSignedData_Create(cms_msg.get());
if (!cms_sd) {
return nullptr;
}
- NSSCMSContentInfo *cms_cinfo = NSS_CMSMessage_GetContentInfo(cms_msg);
+ NSSCMSContentInfo *cms_cinfo = NSS_CMSMessage_GetContentInfo(cms_msg.get());
- if (NSS_CMSContentInfo_SetContent_SignedData(cms_msg, cms_cinfo, cms_sd) != SECSuccess) {
+ if (NSS_CMSContentInfo_SetContent_SignedData(cms_msg.get(), cms_cinfo, cms_sd) != SECSuccess) {
return nullptr;
}
cms_cinfo = NSS_CMSSignedData_GetContentInfo(cms_sd);
// Attach NULL data as detached data
- if (NSS_CMSContentInfo_SetContent_Data(cms_msg, cms_cinfo, nullptr, PR_TRUE) != SECSuccess) {
+ if (NSS_CMSContentInfo_SetContent_Data(cms_msg.get(), cms_cinfo, nullptr, PR_TRUE) != SECSuccess) {
return nullptr;
}
// hardcode SHA256 these days...
- NSSCMSSignerInfo *cms_signer = NSS_CMSSignerInfo_Create(cms_msg, signing_cert, SEC_OID_SHA256);
+ NSSCMSSignerInfo *cms_signer = NSS_CMSSignerInfo_Create(cms_msg.get(), signing_cert, SEC_OID_SHA256);
if (!cms_signer) {
return nullptr;
}
@@ -1180,7 +1184,7 @@ std::unique_ptr<GooString> SignatureHandler::signDetached(const char *password)
cms_output.data = nullptr;
cms_output.len = 0;
- NSSCMSEncoderContext *cms_ecx = NSS_CMSEncoder_Start(cms_msg, nullptr, nullptr, &cms_output, arena.get(), passwordCallback, const_cast<char *>(password), nullptr, nullptr, nullptr, nullptr);
+ NSSCMSEncoderContext *cms_ecx = NSS_CMSEncoder_Start(cms_msg.get(), nullptr, nullptr, &cms_output, arena.get(), passwordCallback, const_cast<char *>(password), nullptr, nullptr, nullptr, nullptr);
if (!cms_ecx) {
return nullptr;
}
@@ -1192,7 +1196,6 @@ std::unique_ptr<GooString> SignatureHandler::signDetached(const char *password)
GooString *signature = new GooString(reinterpret_cast<const char *>(cms_output.data), cms_output.len);
SECITEM_FreeItem(pEncodedCertificate, PR_TRUE);
- NSS_CMSMessage_Destroy(cms_msg);
return std::unique_ptr<GooString>(signature);
}
More information about the poppler
mailing list