# HG changeset patch # User Daniel Atallah # Date 1191854701 0 # Node ID 09b06f6769ee97c5353c48e193aacef81b38676d # Parent 3e4c4a33ea3532bee311f78d0fd0f2fa10f1ea5a Prevent leakage of the cert returned by SSL_PeerCertificate(), and prevent allocation since it isn't used currently anyway. Also prevent an assertion when reading a cert file - there are a number of places where g_return_* are misused here that need to be cleaned up. diff -r 3e4c4a33ea35 -r 09b06f6769ee libpurple/plugins/ssl/ssl-nss.c --- a/libpurple/plugins/ssl/ssl-nss.c Mon Oct 08 14:26:41 2007 +0000 +++ b/libpurple/plugins/ssl/ssl-nss.c Mon Oct 08 14:45:01 2007 +0000 @@ -386,6 +386,7 @@ static GList * ssl_nss_peer_certs(PurpleSslConnection *gsc) { +#if 0 PurpleSslNssData *nss_data = PURPLE_SSL_NSS_DATA(gsc); CERTCertificate *cert; /* @@ -397,6 +398,10 @@ /* TODO: this is a blind guess */ cert = SSL_PeerCertificate(nss_data->fd); + if (cert) + CERT_DestroyCertificate(cert); +#endif + return NULL; @@ -430,11 +435,12 @@ filename); /* Load the raw data up */ - g_return_val_if_fail( - g_file_get_contents(filename, - &rawcert, &len, - NULL ), - NULL); + if (!g_file_get_contents(filename, + &rawcert, &len, + NULL)) { + purple_debug_error("nss/x509", "Unable to read certificate file.\n"); + return NULL; + } /* Decode the certificate */ crt_dat = CERT_DecodeCertFromPackage(rawcert, len);