On Tue, 28 Feb 2023 15:17:19 GMT, Matthias Baesken <mbaes...@openjdk.org> wrote:
> We have a (potential) early return in addCertificatesToKeystore in > KeystoreImpl.m . This is implemented by the CHECK_NULL macro. However this > missed a CFRelease call. src/java.base/macosx/native/libosxsecurity/KeystoreImpl.m line 431: > 429: CFRelease(trustSettings); > 430: goto errOut; > 431: } Do you also need to switch to `goto errOut` for other `CHECK_NULL` calls (line 389 etc)? They also skip the release of `keychainItemSearch`. ------------- PR: https://git.openjdk.org/jdk/pull/12788
