1

iOS 工具在 arc 下该代码的所有 SecPKCS12Import 行上发现内存泄漏:

    SecCertificateRef certRef = SecTrustGetCertificateAtIndex(trustRef, 0);
    CFStringRef certSummary = SecCertificateCopySubjectSummary(certRef);
    NSData *data = (__bridge_transfer NSData *) SecCertificateCopyData(certRef);
    NSURL *indexURL = [[NSBundle mainBundle] URLForResource:@"cert1" withExtension:@"p12"];
    NSData *localP12 = [NSData dataWithContentsOfURL:indexURL];
    NSMutableDictionary * options = [[NSMutableDictionary alloc] init];
    NSString *password = ///
    [options setObject:password forKey:(__bridge id)kSecImportExportPassphrase];
    CFArrayRef items = CFArrayCreate(NULL, 0, 0, NULL);
    OSStatus securityError = SecPKCS12Import((__bridge CFDataRef) localP12,(__bridge CFDictionaryRef)options, &items);
    if (securityError == noErr) { };/// good } else { //bad }
    CFDictionaryRef identityDict = CFArrayGetValueAtIndex(items, 0);
    CFArrayRef certificates =
    (CFArrayRef)CFDictionaryGetValue(identityDict,kSecImportItemCertChain);
    SecCertificateRef localCert = (SecCertificateRef)CFArrayGetValueAtIndex(certificates,0);
    CFDataRef dataLocal = SecCertificateCopyData(localCert);
    NSData *local = (__bridge NSData *)dataLocal;
    //NSLog(@"local:%@",local);
    NSURL *indexURLmac3 = [[NSBundle mainBundle] URLForResource:@"cert2" withExtension:@"p12"];
    NSData *localP12mac3 = [NSData dataWithContentsOfURL:indexURLmac3];
    NSMutableDictionary * optionsMac3 = [[NSMutableDictionary alloc] init];
    NSString *passwordMac3 = //
    [optionsMac3 setObject:passwordMac3 forKey:(__bridge id)kSecImportExportPassphrase];
    CFArrayRef itemsMac3 = CFArrayCreate(NULL, 0, 0, NULL);
    securityError = SecPKCS12Import((__bridge CFDataRef) localP12mac3, (__bridge CFDictionaryRef)optionsMac3, &itemsMac3);
    if (securityError == noErr) { };/// good } else { //bad }
    CFDictionaryRef identityDictMac3 = CFArrayGetValueAtIndex(itemsMac3, 0);
    CFArrayRef certificatesMac3 =
    (CFArrayRef)CFDictionaryGetValue(identityDictMac3, kSecImportItemCertChain);
    SecCertificateRef localCertMac3 = (SecCertificateRef)CFArrayGetValueAtIndex(certificatesMac3,0);
    CFDataRef dataLocalMac3 = SecCertificateCopyData(localCertMac3);
    NSData *localMac3 = (__bridge NSData *)dataLocalMac3;
    NSURL *indexURLwebcob3 = [[NSBundle mainBundle] URLForResource:@"cert3" withExtension:@"p12"];
    NSData *localP12wwebcob3 = [NSData dataWithContentsOfURL:indexURLwebcob3];
    NSMutableDictionary * optionsWebcob3 = [[NSMutableDictionary alloc] init];
    NSString *passwordWebcob3 = //
    [optionsWebcob3 setObject:passwordWebcob3 forKey:(__bridge id)kSecImportExportPassphrase];
    CFArrayRef itemsWebcob3 = CFArrayCreate(NULL, 0, 0, NULL);
    securityError = SecPKCS12Import((__bridge CFDataRef) localP12wwebcob3, (__bridge CFDictionaryRef)optionsWebcob3, &itemsWebcob3);
    if (securityError == noErr) { };/// good } else { //bad }
    CFDictionaryRef identityDictWebcob3 = CFArrayGetValueAtIndex(itemsWebcob3, 0);
    CFArrayRef certificatesWebcob3 =
    (CFArrayRef)CFDictionaryGetValue(identityDictWebcob3,
                                     kSecImportItemCertChain);
    SecCertificateRef localCertWebcob3 = (SecCertificateRef)CFArrayGetValueAtIndex(certificatesWebcob3,0);
    CFDataRef dataLocalWebcob3 = SecCertificateCopyData(localCertWebcob3);
    NSData *localWebcob3 = (__bridge NSData *)dataLocalWebcob3;
    if ([data isEqualToData:local] || [data isEqualToData:localMac3] || [data isEqualToData:localWebcob3]) trust = YES;

    CFRelease(certSummary);
    CFRelease((CFDataRef) dataLocal);
    CFRelease((CFDataRef) dataLocalMac3);
    CFRelease((CFDataRef) dataLocalWebcob3);

我哪里错了?

4

1 回答 1

2

哇。该代码真的很难遵循。您似乎正在执行三种不同的 PKCS12 导入,您可能希望将其设为一个被调用三次的方法。只是说。

无论如何,即使不遵循您的代码,我也知道问题可能是什么——因为我以前见过这个。您使用的安全方法遵循此处定义的 CoreFoundation 内存管理模式。我不止一次发现 PKCS12 身份导入过程泄漏,因为有人没有意识到这一点,或者认为转换为 ARC 的桥只会使其工作。

但这里是你应该看的——当然,除了 Instruments 试图告诉你的任何东西:

  • 您需要释放作为最后一个参数传递的项目SecPKCS12Import(文档中的 CFArrayRef)。查看Apple 的示例以获得指导。

  • 我看到了更明显的东西——你在CFArrayCreate没有相应版本的情况下打电话。

于 2013-04-25T22:23:00.217 回答