Bug 1029151 - Remove dangerous public destructor of nsNSSCertificate. r=keeler

2024-09-13 09:24:08 -07:00 · 2014-07-30 13:00:29 -07:00 · 2014-07-30 13:00:29 -07:00 · 5e0f3360d7
commit 5e0f3360d7
parent 409897c6db
3 changed files with 6 additions and 11 deletions
--- a/security/manager/ssl/src/nsClientAuthRemember.cpp
+++ b/security/manager/ssl/src/nsClientAuthRemember.cpp
@ -114,9 +114,9 @@ nsClientAuthRememberService::RememberDecision(const nsACString & aHostName,
  {
    ReentrantMonitorAutoEnter lock(monitor);
    if (aClientCert) {
-      nsNSSCertificate pipCert(aClientCert);
+      RefPtr<nsNSSCertificate> pipCert(new nsNSSCertificate(aClientCert));
      char *dbkey = nullptr;
-      rv = pipCert.GetDbKey(&dbkey);
+      rv = pipCert->GetDbKey(&dbkey);
      if (NS_SUCCEEDED(rv) && dbkey) {
        AddEntryToList(aHostName, fpStr, 
                       nsDependentCString(dbkey));
--- a/security/manager/ssl/src/nsNSSCertificate.h
+++ b/security/manager/ssl/src/nsNSSCertificate.h
@ -42,7 +42,6 @@ public:

  nsNSSCertificate(CERTCertificate* cert, SECOidTag* evOidPolicy = nullptr);
  nsNSSCertificate();
-  virtual ~nsNSSCertificate();
  nsresult FormatUIStrings(const nsAutoString& nickname,
                           nsAutoString& nickWithSerial,
                           nsAutoString& details);
@ -51,6 +50,8 @@ public:
  static nsNSSCertificate* ConstructFromDER(char* certDER, int derLen);

 private:
+  virtual ~nsNSSCertificate();
+
  mozilla::ScopedCERTCertificate mCert;
  bool             mPermDelete;
  uint32_t         mCertType;
@ -74,12 +75,6 @@ private:

 namespace mozilla {

-template<>
-struct HasDangerousPublicDestructor<nsNSSCertificate>
-{
-  static const bool value = true;
-};
-
 SECStatus ConstructCERTCertListFromReversedDERArray(
            const mozilla::pkix::DERArray& certArray,
            /*out*/ mozilla::ScopedCERTCertList& certList);
--- a/security/manager/ssl/src/nsNSSCertificateDB.cpp
+++ b/security/manager/ssl/src/nsNSSCertificateDB.cpp
@ -1240,11 +1240,11 @@ nsNSSCertificateDB::getCertNames(CERTCertList *certList,
       !CERT_LIST_END(node, certList);
       node = CERT_LIST_NEXT(node)) {
    if (getCertType(node->cert) == type) {
-      nsNSSCertificate pipCert(node->cert);
+      RefPtr<nsNSSCertificate> pipCert(new nsNSSCertificate(node->cert));
      char *dbkey = nullptr;
      char *namestr = nullptr;
      nsAutoString certstr;
-      pipCert.GetDbKey(&dbkey);
+      pipCert->GetDbKey(&dbkey);
      nsAutoString keystr = NS_ConvertASCIItoUTF16(dbkey);
      PR_FREEIF(dbkey);
      if (type == nsIX509Cert::EMAIL_CERT) {