author David Keeler <>
Mon, 21 Dec 2015 17:14:41 -0800
changeset 312859 f745c6e024a325921801db0394add38c86f34add
parent 287463 40fb01ba8c9287c5fb982a8cbffdad6862c296fc
child 326099 55212130f19da3079167a6b0a5a0ed6689c9a71d
permissions -rw-r--r--
bug 1234417 - fix a leak in CreateECPublicKey r=rbarnes Before this patch, CreateECPublicKey would create a SECKEYPublicKey allocated on a scoped arena. It would then call CryptoKey::PublicKeyValid, which has the side-effect of importing the key to the internal PKCS#11 slot. When the arena went out of scope, the memory for the key would be released, but the reference to the slot wouldn't, causing a leak. This patch fixes the leak by making the SECKEYPublicKey a ScopedSECKEYPublicKey (which ensures that the type-specific "destructor" SECKEY_DestroyPublicKey is called, which releases the reference to the PKCS#11 slot).

/* -*- Mode: C++; tab-width: 8; indent-tabs-mode: nil; c-basic-offset: 2 -*-
 * vim: sw=2 ts=8 et :
/* This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at */

#ifndef mozilla_${HEADER}_h
#define mozilla_${HEADER}_h

// For some reason, Apple's GCC refuses to honor -fno-exceptions when
// compiling ObjC.
#if defined(__EXCEPTIONS) && __EXCEPTIONS && !(__OBJC__ && __GNUC__ && XP_IOS)
#  error "STL code can only be used with -fno-exceptions"

// Silence "warning: #include_next is a GCC extension"
#pragma GCC system_header

// mozalloc.h wants <new>; break the cycle by always explicitly
// including <new> here.  NB: this is a tad sneaky.  Sez the gcc docs:
//    `#include_next' does not distinguish between <file> and "file"
//    inclusion, nor does it check that the file you specify has the
//    same name as the current file. It simply looks for the file
//    named, starting with the directory in the search path after the
//    one where the current file was found.
#include_next <new>

// See if we're in code that can use mozalloc.  NB: this duplicates
// code in nscore.h because nscore.h pulls in prtypes.h, and chromium
// can't build with that being included before base/basictypes.h.
#if !defined(XPCOM_GLUE) && !defined(NS_NO_XPCOM) && !defined(MOZ_NO_MOZALLOC)
#  include "mozilla/mozalloc.h"
#  error "STL code can only be used with infallible ::operator new()"

#if defined(DEBUG) && !defined(_GLIBCXX_DEBUG)
// Enable checked iterators and other goodies
// FIXME/bug 551254: gcc's debug STL implementation requires -frtti.
// Figure out how to resolve this with -fno-rtti.  Maybe build with
// -frtti in DEBUG builds?
//  # define _GLIBCXX_DEBUG 1

#pragma GCC visibility push(default)
#include_next <${HEADER}>
#pragma GCC visibility pop

// gcc calls a __throw_*() function from bits/functexcept.h when it
// wants to "throw an exception".  functexcept exists nominally to
// support -fno-exceptions, but since we'll always use the system
// libstdc++, and it's compiled with exceptions, then in practice
// these __throw_*() functions will always throw exceptions (shades of
// -fshort-wchar).  We don't want that and so define our own inlined
// __throw_*().
#ifndef mozilla_throw_gcc_h
#  include "mozilla/throw_gcc.h"

#endif  // if mozilla_${HEADER}_h