Bug 744816 - Fix leak encrypting passwords for android sync. r=rnewman
authorWes Johnston <wjohnston@mozilla.com>
Mon, 16 Apr 2012 09:14:18 -0700
changeset 91771 ef563bc49ec26fb2be3632b760b8d89793a17c9a
parent 91770 9b1a1266c8fd93cc0993e147c0bea91cf07c031e
child 91772 957f4055f7165cec856e26f974509aecc9ae7012
push id1
push userroot
push dateMon, 20 Oct 2014 17:29:22 +0000
reviewersrnewman
bugs744816
milestone14.0a1
Bug 744816 - Fix leak encrypting passwords for android sync. r=rnewman
mozglue/android/NSSBridge.cpp
--- a/mozglue/android/NSSBridge.cpp
+++ b/mozglue/android/NSSBridge.cpp
@@ -211,20 +211,19 @@ doCrypto(JNIEnv* jenv, const char *path,
       }
 
       rv = f_PK11SDR_Decrypt(&request, &reply, NULL);
       if (rv != SECSuccess) {
         throwError(jenv, "PK11SDR_Decrypt");
         goto done;
       }
 
-      *result = (char *)malloc(reply.len);
+      *result = (char *)malloc(reply.len+1);
+      strncpy(*result, (char *)reply.data, reply.len);
       (*result)[reply.len] = '\0';
-      strncpy(*result, (char *)reply.data, reply.len);
-      //asprintf(result, "%s", (char *)reply.data);
 
       LOG("decoded %i letters %s\n", reply.len, *result);
       free(request.data);
     }
 
 done:
     f_SECITEM_ZfreeItem(&reply, false);
     return rv;
@@ -239,17 +238,17 @@ encode(const unsigned char *data, PRInt3
   SECStatus rv = SECSuccess;
   char *encoded = f_PL_Base64Encode((const char *)data, dataLen, NULL);
   if (!encoded)
     rv = SECFailure;
   if (!*encoded)
     rv = SECFailure;
 
   if (rv == SECSuccess) {
-    *_retval = (char *)malloc(strlen(encoded));
+    *_retval = (char *)malloc(strlen(encoded)+1);
     strcpy(*_retval, encoded);
   }
 
   if (encoded) {
     f_PR_Free(encoded);
   }
 
   return rv;