-
Type:
Bug
-
Resolution: Unresolved
-
Priority:
P4
-
None
-
Affects Version/s: 25, 26, 27
-
Component/s: security-libs
-
None
-
generic
-
os_x
There are a couple of calls like SecIdentityCopyPrivateKey where we seem to miss CFRelease :
E.g. privateKeyRef from
SecKeyRef privateKeyRef;
err = SecIdentityCopyPrivateKey(theIdentity, &privateKeyRef);
https://github.com/openjdk/jdk/blob/5ba91fed345b078a67ad6bead1d8893bd9289f58/src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m#L343
needs to be CFReleased too according to
https://developer.apple.com/documentation/security/secidentitycopyprivatekey(_:_:)
Also for https://developer.apple.com/documentation/security/secidentitycopycertificate(_:_:) we need CFRelease too.
but seems we miss it here :
https://github.com/openjdk/jdk/blob/26aab3cccdbcf98c329c8d67093eb2dbf4b164e5/src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m#L293C54-L293C65
SecCertificateRef certificate;
SecIdentityCopyCertificate(theIdentity, &certificate);
E.g. privateKeyRef from
SecKeyRef privateKeyRef;
err = SecIdentityCopyPrivateKey(theIdentity, &privateKeyRef);
https://github.com/openjdk/jdk/blob/5ba91fed345b078a67ad6bead1d8893bd9289f58/src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m#L343
needs to be CFReleased too according to
https://developer.apple.com/documentation/security/secidentitycopyprivatekey(_:_:)
Also for https://developer.apple.com/documentation/security/secidentitycopycertificate(_:_:) we need CFRelease too.
but seems we miss it here :
https://github.com/openjdk/jdk/blob/26aab3cccdbcf98c329c8d67093eb2dbf4b164e5/src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m#L293C54-L293C65
SecCertificateRef certificate;
SecIdentityCopyCertificate(theIdentity, &certificate);
- relates to
-
-
- Resolved
-