Integrated: 8303607: SunMSCAPI provider leaks memory and keys

Mat Carter macarte at openjdk.org
Tue Mar 7 02:15:24 UTC 2023


On Mon, 6 Mar 2023 21:27:07 GMT, Mat Carter <macarte at openjdk.org> wrote:

> Use the correct API for freeing key handles when directed to by the output of CryptAcquireCertificatePrivateKey [1].
> Specifically when [out] pfCallerFreeProvOrNCryptKey is true we test [out] pdwKeySpec for the CERT_NCRYPT_KEY_SPEC flag.  When flag bit is set we now call NCryptFreeObject, otherwise we continue to call CryptReleaseContext (as before)
> 
> [1] https://learn.microsoft.com/en-us/windows/win32/api/wincrypt/nf-wincrypt-cryptacquirecertificateprivatekey

This pull request has now been integrated.

Changeset: c51d40cf
Author:    Mat Carter <macarte at openjdk.org>
Committer: Weijun Wang <weijun at openjdk.org>
URL:       https://git.openjdk.org/jdk/commit/c51d40cfebe793b2e979db0f2d91ac3b136311bb
Stats:     5 lines in 1 file changed: 4 ins; 0 del; 1 mod

8303607: SunMSCAPI provider leaks memory and keys

Reviewed-by: weijun

-------------

PR: https://git.openjdk.org/jdk/pull/12891


More information about the security-dev mailing list