From 0bb98e7294ce0ad5249d506fa484e72b520231da Mon Sep 17 00:00:00 2001 From: John Zavgren Date: Tue, 20 Nov 2012 09:26:38 +0000 Subject: [PATCH] 8000476: Memory Leaks and uninitialized memory access in PKCS11 and other native code Reviewed-by: dsamersoff, valeriep, chegar --- jdk/src/share/bin/wildcard.c | 5 ++++ .../sun/security/jgss/wrapper/GSSLibStub.c | 2 +- .../sun/security/pkcs11/wrapper/p11_mutex.c | 30 +++++++++++++++---- jdk/src/solaris/bin/java_md_solinux.c | 2 ++ 4 files changed, 32 insertions(+), 7 deletions(-) diff --git a/jdk/src/share/bin/wildcard.c b/jdk/src/share/bin/wildcard.c index 9ed1b494c69..f8f664450e3 100644 --- a/jdk/src/share/bin/wildcard.c +++ b/jdk/src/share/bin/wildcard.c @@ -356,8 +356,13 @@ wildcardFileList(const char *wildcard) const char *basename; FileList fl = FileList_new(16); WildcardIterator it = WildcardIterator_for(wildcard); + if (it == NULL) + { + FileList_free(fl); return NULL; + } + while ((basename = WildcardIterator_next(it)) != NULL) if (isJarFileName(basename)) FileList_add(fl, wildcardConcat(wildcard, basename)); diff --git a/jdk/src/share/native/sun/security/jgss/wrapper/GSSLibStub.c b/jdk/src/share/native/sun/security/jgss/wrapper/GSSLibStub.c index abd2c2d5295..33cd3644e97 100644 --- a/jdk/src/share/native/sun/security/jgss/wrapper/GSSLibStub.c +++ b/jdk/src/share/native/sun/security/jgss/wrapper/GSSLibStub.c @@ -571,7 +571,7 @@ Java_sun_security_jgss_wrapper_GSSLibStub_releaseCred(JNIEnv *env, */ void inquireCred(JNIEnv *env, jobject jobj, gss_cred_id_t pCred, jint type, void *result) { - OM_uint32 minor, major=GSS_C_QOP_DEFAULT; + OM_uint32 minor, major=0; OM_uint32 routineErr; gss_cred_id_t credHdl; diff --git a/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_mutex.c b/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_mutex.c index 92ba7d8e207..5c39b105333 100644 --- a/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_mutex.c +++ b/jdk/src/share/native/sun/security/pkcs11/wrapper/p11_mutex.c 
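Review bot: In `wildcardFileList`, `FileList_new(16)` still runs before the iterator is known to exist, so the new `if (it == NULL)` branch only undoes an allocation that could have been deferred. Declaring `FileList fl;` and assigning `fl = FileList_new(16);` after the NULL check would make `FileList_free(fl)` unnecessary on this path and keep the early return to a single statement. The function continues past the end of the hunk, so its later exits and how they release `fl` and `it` are not visible here.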
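Review bot: In `inquireCred`, `major=0` swaps a misapplied QOP constant for a bare literal, and `minor` on the same declaration is still left without an initial value. Since `major` holds a GSS major status, `OM_uint32 minor = 0, major = GSS_S_COMPLETE;` would state the intent and give both status words a defined value. Whether `minor` can be read before a GSS call writes it depends on the function body, which lies outside this hunk.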
@@ -112,22 +112,34 @@ CK_C_INITIALIZE_ARGS_PTR makeCKInitArgsAdapter(JNIEnv *env, jobject jInitArgs) ckpInitArgs->UnlockMutex = NULL_PTR; #else fieldID = (*env)->GetFieldID(env, jInitArgsClass, "CreateMutex", "Lsun/security/pkcs11/wrapper/CK_CREATEMUTEX;"); - if (fieldID == NULL) { return NULL; } + if (fieldID == NULL) { + free(ckpInitArgs); + return NULL; + } jMutexHandler = (*env)->GetObjectField(env, jInitArgs, fieldID); ckpInitArgs->CreateMutex = (jMutexHandler != NULL) ? &callJCreateMutex : NULL_PTR; fieldID = (*env)->GetFieldID(env, jInitArgsClass, "DestroyMutex", "Lsun/security/pkcs11/wrapper/CK_DESTROYMUTEX;"); - if (fieldID == NULL) { return NULL; } + if (fieldID == NULL) { + free(ckpInitArgs); + return NULL; + } jMutexHandler = (*env)->GetObjectField(env, jInitArgs, fieldID); ckpInitArgs->DestroyMutex = (jMutexHandler != NULL) ? &callJDestroyMutex : NULL_PTR; fieldID = (*env)->GetFieldID(env, jInitArgsClass, "LockMutex", "Lsun/security/pkcs11/wrapper/CK_LOCKMUTEX;"); - if (fieldID == NULL) { return NULL; } + if (fieldID == NULL) { + free(ckpInitArgs); + return NULL; + } jMutexHandler = (*env)->GetObjectField(env, jInitArgs, fieldID); ckpInitArgs->LockMutex = (jMutexHandler != NULL) ? &callJLockMutex : NULL_PTR; fieldID = (*env)->GetFieldID(env, jInitArgsClass, "UnlockMutex", "Lsun/security/pkcs11/wrapper/CK_UNLOCKMUTEX;"); - if (fieldID == NULL) { return NULL; } + if (fieldID == NULL) { + free(ckpInitArgs); + return NULL; + } jMutexHandler = (*env)->GetObjectField(env, jInitArgs, fieldID); ckpInitArgs->UnlockMutex = (jMutexHandler != NULL) ? &callJUnlockMutex : NULL_PTR; 
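Review bot: The same cleanup, `free(ckpInitArgs); return NULL;`, is now repeated after each of the four `GetFieldID` checks in this hunk and after the two in the next hunk (`flags`, `pReserved`), so any exit added later has to remember it again. A single exit label would keep the release in one place: each check becomes `if (fieldID == NULL) { goto cleanup; }`, with `cleanup: free(ckpInitArgs); return NULL;` at the end of `makeCKInitArgsAdapter`. A short comment at that label, saying `ckpInitArgs` is owned by this function until it is returned to the caller, would document who frees it. The function starts and ends outside both hunks, so the allocation site and the success return are not visible here.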
@@ -151,13 +163,19 @@ CK_C_INITIALIZE_ARGS_PTR makeCKInitArgsAdapter(JNIEnv *env, jobject jInitArgs) /* convert and set the flags field */ fieldID = (*env)->GetFieldID(env, jInitArgsClass, "flags", "J"); - if (fieldID == NULL) { return NULL; } + if (fieldID == NULL) { + free(ckpInitArgs); + return NULL; + } jFlags = (*env)->GetLongField(env, jInitArgs, fieldID); ckpInitArgs->flags = jLongToCKULong(jFlags); /* pReserved should be NULL_PTR in this version */ fieldID = (*env)->GetFieldID(env, jInitArgsClass, "pReserved", "Ljava/lang/Object;"); - if (fieldID == NULL) { return NULL; } + if (fieldID == NULL) { + free(ckpInitArgs); + return NULL; + } jReserved = (*env)->GetObjectField(env, jInitArgs, fieldID); /* we try to convert the reserved parameter also */ diff --git a/jdk/src/solaris/bin/java_md_solinux.c b/jdk/src/solaris/bin/java_md_solinux.c index fc8bc99d5f9..46ae9d635ea 100644 --- a/jdk/src/solaris/bin/java_md_solinux.c +++ b/jdk/src/solaris/bin/java_md_solinux.c @@ -478,9 +478,11 @@ CreateExecutionEnvironment(int *pargc, char ***pargv, JLI_TraceLauncher("mustsetenv: %s\n", mustsetenv ? "TRUE" : "FALSE"); if (mustsetenv == JNI_FALSE) { + JLI_MemFree(newargv); return; } #else + JLI_MemFree(newargv); return; #endif /* SETENV_REQUIRED */ } else { /* do the same speculatively or exit */
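Review bot: On the `flags` and `pReserved` failure paths only `ckpInitArgs` is released, and the lines of `makeCKInitArgsAdapter` between the previous hunk and this one are not shown. If that stretch allocates anything further, or stores a copy of or reference to the init args somewhere longer-lived, these two later returns would need to release that as well. Otherwise the leak this commit targets would be only partly closed, and a stale pointer could remain. This should be confirmed against the full function before relying on the fix.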
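Review bot: `JLI_MemFree(newargv)` is added on both early returns of `CreateExecutionEnvironment`, but the hunk does not show where `newargv` is allocated or whether anything else points at it. If `*pargv` or another variable was set to `newargv` earlier in the function, the caller would be left with a dangling argument vector after `return`, so that should be ruled out before freeing here. If nothing aliases it, a comment such as `/* newargv is not handed to the caller on this path */` above each call would record why the release is safe.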