Integrated: 8303607: SunMSCAPI provider leaks memory and keys
Mat Carter
macarte at openjdk.org
Tue Mar 7 02:15:24 UTC 2023
On Mon, 6 Mar 2023 21:27:07 GMT, Mat Carter <macarte at openjdk.org> wrote:
> Use the correct API for freeing key handles when directed to by the output of CryptAcquireCertificatePrivateKey [1].
> Specifically when [out] pfCallerFreeProvOrNCryptKey is true we test [out] pdwKeySpec for the CERT_NCRYPT_KEY_SPEC flag. When flag bit is set we now call NCryptFreeObject, otherwise we continue to call CryptReleaseContext (as before)
>
> [1] https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecertificateprivatekey
This pull request has now been integrated.
Changeset: c51d40cf
Author: Mat Carter <macarte at openjdk.org>
Committer: Weijun Wang <weijun at openjdk.org>
URL: https://git.openjdk.org/jdk/commit/c51d40cfebe793b2e979db0f2d91ac3b136311bb
Stats: 5 lines in 1 file changed: 4 ins; 0 del; 1 mod
8303607: SunMSCAPI provider leaks memory and keys
Reviewed-by: weijun
-------------
PR: https://git.openjdk.org/jdk/pull/12891
More information about the security-dev
mailing list