Bug 1713562 - Fix test leak, r=bbeurdouche NSS_3_68_BRANCH
authorMartin Thomson <mt@lowentropy.net>
Thu, 08 Jul 2021 17:56:31 +0000
branchNSS_3_68_BRANCH
changeset 15953 aff77f1bc68f291daff27708c947a6c83bd254f2
parent 15951 341c2fed9ec980a470f92936f5f5ea433db57de7
child 15954 3680dc580194cbe3bb1004d2f7741eebc3066d2c
push id3988
push userbbeurdouche@mozilla.com
push dateThu, 08 Jul 2021 17:59:56 +0000
reviewersbbeurdouche
bugs1713562
Bug 1713562 - Fix test leak, r=bbeurdouche Differential Revision: https://phabricator.services.mozilla.com/D119045
gtests/ssl_gtest/tls_connect.cc
gtests/ssl_gtest/tls_connect.h
gtests/ssl_gtest/tls_ech_unittest.cc
--- a/gtests/ssl_gtest/tls_connect.cc
+++ b/gtests/ssl_gtest/tls_connect.cc
@@ -243,48 +243,48 @@ void TlsConnectTestBase::Init() {
 void TlsConnectTestBase::ResetAntiReplay(PRTime window) {
   SSLAntiReplayContext* p_anti_replay = nullptr;
   EXPECT_EQ(SECSuccess,
             SSL_CreateAntiReplayContext(now_, window, 1, 3, &p_anti_replay));
   EXPECT_NE(nullptr, p_anti_replay);
   anti_replay_.reset(p_anti_replay);
 }
 
-void TlsConnectTestBase::MakeEcKeyParams(SECItem* params, SSLNamedGroup group) {
+ScopedSECItem TlsConnectTestBase::MakeEcKeyParams(SSLNamedGroup group) {
   auto groupDef = ssl_LookupNamedGroup(group);
-  ASSERT_NE(nullptr, groupDef);
+  EXPECT_NE(nullptr, groupDef);
 
   auto oidData = SECOID_FindOIDByTag(groupDef->oidTag);
-  ASSERT_NE(nullptr, oidData);
-  ASSERT_NE(nullptr,
-            SECITEM_AllocItem(nullptr, params, (2 + oidData->oid.len)));
+  EXPECT_NE(nullptr, oidData);
+  ScopedSECItem params(
+      SECITEM_AllocItem(nullptr, nullptr, (2 + oidData->oid.len)));
+  EXPECT_TRUE(!!params);
   params->data[0] = SEC_ASN1_OBJECT_ID;
   params->data[1] = oidData->oid.len;
   memcpy(params->data + 2, oidData->oid.data, oidData->oid.len);
+  return params;
 }
 
 void TlsConnectTestBase::GenerateEchConfig(
     HpkeKemId kem_id, const std::vector<HpkeSymmetricSuite>& cipher_suites,
     const std::string& public_name, uint16_t max_name_len, DataBuffer& record,
     ScopedSECKEYPublicKey& pubKey, ScopedSECKEYPrivateKey& privKey) {
   bool gen_keys = !pubKey && !privKey;
-  SECKEYECParams ecParams = {siBuffer, NULL, 0};
-  MakeEcKeyParams(&ecParams, ssl_grp_ec_curve25519);
 
   SECKEYPublicKey* pub = nullptr;
   SECKEYPrivateKey* priv = nullptr;
 
   if (gen_keys) {
-    priv = SECKEY_CreateECPrivateKey(&ecParams, &pub, nullptr);
+    ScopedSECItem ecParams = MakeEcKeyParams(ssl_grp_ec_curve25519);
+    priv = SECKEY_CreateECPrivateKey(ecParams.get(), &pub, nullptr);
   } else {
     priv = privKey.get();
     pub = pubKey.get();
   }
   ASSERT_NE(nullptr, priv);
-  SECITEM_FreeItem(&ecParams, PR_FALSE);
   PRUint8 encoded[1024];
   unsigned int encoded_len = 0;
   SECStatus rv = SSL_EncodeEchConfigId(
       77, public_name.c_str(), max_name_len, kem_id, pub, cipher_suites.data(),
       cipher_suites.size(), encoded, &encoded_len, sizeof(encoded));
   EXPECT_EQ(SECSuccess, rv);
   EXPECT_GT(encoded_len, 0U);
 
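Review bot: Switching `ASSERT_NE` to `EXPECT_NE` in MakeEcKeyParams means a failed check no longer stops the function, so `groupDef->oidTag`, `oidData->oid.len` and `params->data[0]` are each dereferenced right after the check meant to guard them. An unknown group or a failed allocation would then crash the test binary on a null pointer instead of reporting a test failure. Follow each check with an early return, e.g. `if (!groupDef) return nullptr;`, `if (!oidData) return nullptr;` and `if (!params) return nullptr;` (assuming ScopedSECItem is a unique_ptr-style type, as its `.get()` use suggests). With that change, GenerateEchConfig here and ValidatePublicNames in tls_ech_unittest.cc would hand a possibly-null `ecParams.get()` to `SECKEY_CreateECPrivateKey` and rely on the later key `ASSERT`s, so an explicit `ASSERT_TRUE(!!ecParams);` at each call site would make the failure easier to read. GenerateEchConfig's body continues past the end of this hunk.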
--- a/gtests/ssl_gtest/tls_connect.h
+++ b/gtests/ssl_gtest/tls_connect.h
@@ -141,17 +141,17 @@ class TlsConnectTestBase : public ::test
   void AdvanceTime(PRTime time_shift);
 
   void ResetAntiReplay(PRTime window);
   void RolloverAntiReplay();
 
   void SaveAlgorithmPolicy();
   void RestoreAlgorithmPolicy();
 
-  static void MakeEcKeyParams(SECItem* params, SSLNamedGroup group);
+  static ScopedSECItem MakeEcKeyParams(SSLNamedGroup group);
   static void GenerateEchConfig(
       HpkeKemId kem_id, const std::vector<HpkeSymmetricSuite>& cipher_suites,
       const std::string& public_name, uint16_t max_name_len, DataBuffer& record,
       ScopedSECKEYPublicKey& pubKey, ScopedSECKEYPrivateKey& privKey);
   void SetupEch(std::shared_ptr<TlsAgent>& client,
                 std::shared_ptr<TlsAgent>& server,
                 HpkeKemId kem_id = HpkeDhKemX25519Sha256,
                 bool expect_ech = true, bool set_client_config = true,
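Review bot: The new `MakeEcKeyParams` declaration has no comment, and the signature alone does not tell a caller what the returned item holds or who frees it, which is the ownership question this commit is fixing. Suggest adding above it `// Returns the encoded named-curve OID (tag, length, OID bytes) for |group|, for use as EC key parameters. The returned ScopedSECItem owns the buffer.` The comment should also state whether the result can be null once the failure paths in the definition are settled. The class declaration starts and ends outside this hunk.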
--- a/gtests/ssl_gtest/tls_ech_unittest.cc
+++ b/gtests/ssl_gtest/tls_ech_unittest.cc
@@ -177,24 +177,22 @@ class TlsConnectStreamTls13Ech : public 
                                       echconfig.len()));
   }
 
   void ValidatePublicNames(const std::vector<std::string>& names,
                            SECStatus expected) {
     static const std::vector<HpkeSymmetricSuite> kSuites = {
         {HpkeKdfHkdfSha256, HpkeAeadAes128Gcm}};
 
-    SECKEYECParams ecParams = {siBuffer, NULL, 0};
-    MakeEcKeyParams(&ecParams, ssl_grp_ec_curve25519);
-
+    ScopedSECItem ecParams = MakeEcKeyParams(ssl_grp_ec_curve25519);
     ScopedSECKEYPublicKey pub;
     ScopedSECKEYPrivateKey priv;
     SECKEYPublicKey* pub_p = nullptr;
     SECKEYPrivateKey* priv_p =
-        SECKEY_CreateECPrivateKey(&ecParams, &pub_p, nullptr);
+        SECKEY_CreateECPrivateKey(ecParams.get(), &pub_p, nullptr);
     pub.reset(pub_p);
     priv.reset(priv_p);
     ASSERT_TRUE(!!pub);
     ASSERT_TRUE(!!priv);
 
     EnsureTlsSetup();
 
     DataBuffer cfg;