Fix PKCS#11 module leak if C_GetSlotInfo() failed

2019-05-06 18:33:40 +02:00 · 2019-05-06 18:33:40 +02:00 · 141e716639
commit 141e716639
parent 5deb5dd362
2 changed files with 41 additions and 1 deletions
--- a/nss-module-leak.patch
+++ b/nss-module-leak.patch
@ -0,0 +1,35 @@
+# HG changeset patch
+# User Daiki Ueno <dueno@redhat.com>
+# Date 1557150127 -7200
+#      Mon May 06 15:42:07 2019 +0200
+# Node ID 438ac983bda9ec7944990d22a37877e9111caa90
+# Parent  b018f3e84d87cce99a1fd81feeecb31123058687
+pk11slot: reference module from slot for finalization
+
+diff --git a/lib/pk11wrap/pk11slot.c b/lib/pk11wrap/pk11slot.c
+--- a/lib/pk11wrap/pk11slot.c
+++ b/lib/pk11wrap/pk11slot.c
+@@ -1439,6 +1439,11 @@ PK11_InitSlot(SECMODModule *mod, CK_SLOT
+     slot->slotID = slotID;
+     slot->isThreadSafe = mod->isThreadSafe;
+     slot->hasRSAInfo = PR_FALSE;
+    slot->module = mod; /* NOTE: we don't make a reference here because
+                         * modules have references to their slots. This
+                         * works because modules keep implicit references
+                         * from their slots, and won't unload and disappear
+                         * until all their slots have been freed */
+ 
+     if (PK11_GETTAB(slot)->C_GetSlotInfo(slotID, &slotInfo) != CKR_OK) {
+         slot->disabled = PR_TRUE;
+@@ -1448,11 +1453,6 @@ PK11_InitSlot(SECMODModule *mod, CK_SLOT
+ 
+     /* test to make sure claimed mechanism work */
+     slot->needTest = mod->internal ? PR_FALSE : PR_TRUE;
+-    slot->module = mod; /* NOTE: we don't make a reference here because
+-                         * modules have references to their slots. This
+-                         * works because modules keep implicit references
+-                         * from their slots, and won't unload and disappear
+-                         * until all their slots have been freed */
+     (void)PK11_MakeString(NULL, slot->slot_name,
+                           (char *)slotInfo.slotDescription, sizeof(slotInfo.slotDescription));
+     slot->isHW = (PRBool)((slotInfo.flags & CKF_HW_SLOT) == CKF_HW_SLOT);
--- a/nss.spec
+++ b/nss.spec
@ -43,7 +43,7 @@ rpm.define(string.format("nss_release_tag NSS_%s_RTM",
 Summary:          Network Security Services
 Name:             nss
 Version:          %{nss_version}
-Release:          2%{?dist}
+Release:          3%{?dist}
 License:          MPLv2.0
 URL:              http://www.mozilla.org/projects/security/pki/nss/
 Requires:         nspr >= %{nspr_version}
@ -93,6 +93,8 @@ Source28:         nss-p11-kit.config

 # Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=617723
 Patch2:           nss-539183.patch
+# Upstream: https://bugzilla.mozilla.org/show_bug.cgi?id=1549382
+Patch3:           nss-module-leak.patch
 # This patch uses the GCC -iquote option documented at
 # http://gcc.gnu.org/onlinedocs/gcc/Directory-Options.html#Directory-Options
 # to give the in-tree headers a higher priority over the system headers,
@ -866,6 +868,9 @@ update-crypto-policies &> /dev/null || :


 %changelog
+* Mon May  6 2019 Daiki Ueno <dueno@redhat.com> - 3.43.0-3
+- Fix PKCS#11 module leak if C_GetSlotInfo() failed
+
 * Tue Mar 26 2019 Elio Maldonado <elio.maldonado.batiz@gmail.com> - 3.43.0-2
 - Update %%{nspr_version} to 4.21.0 and remove obsolete comment