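An app I am working on uses simple password items in the login keychain. I noticed that there is a SecKeychainItemRef that is never released. The official documentation on SecKeychainFindGenericPassword() reads:

On return, a pointer to the item object of the generic password. You are responsible for releasing your reference to this object.

After some quick changes, the static code analyzer claims:
- Assuming 'result' is equal to noErr
- Assuming 'item' is non-null
- Trying to free data which has not been allocated

I'm at a loss at how I'm assuming that result equals noErr, since there is an else clause. I'm not quite sure how I'm assuming item is non-null either, nor how I'm freeing data that has not been allocated ( if (item) ).

Screenshot of the warnings and code listing

Code listing

This is part of the Hermes project on GitHub.

Old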
    BOOL KeychainSetItem(NSString* username, NSString* password) {
        SecKeychainItemRef item;
        // Look up an existing generic password item for this service and user.
        OSStatus result = SecKeychainFindGenericPassword(
            NULL,
            strlen(KEYCHAIN_SERVICE_NAME),
            KEYCHAIN_SERVICE_NAME,
            [username length],
            [username UTF8String],
            NULL,
            NULL,
            &item);
        if (result == noErr) {
            // Item found: overwrite its password.
            // item is never released on this path.
            result = SecKeychainItemModifyContent(item, NULL, [password length],
                                                  [password UTF8String]);
            return result == noErr;
        } else {
            // No item found: create a new one.
            result = SecKeychainAddGenericPassword(
                NULL,
                strlen(KEYCHAIN_SERVICE_NAME),
                KEYCHAIN_SERVICE_NAME,
                [username length],
                [username UTF8String],
                [password length],
                [password UTF8String],
                NULL);
            return result == noErr;
        }
    }
New

    BOOL KeychainSetItem(NSString* username, NSString* password) {
        SecKeychainItemRef item = nil;
        // Look up an existing generic password item for this service and user.
        OSStatus result = SecKeychainFindGenericPassword(
            NULL,
            strlen(KEYCHAIN_SERVICE_NAME),
            KEYCHAIN_SERVICE_NAME,
            [username length],
            [username UTF8String],
            NULL,
            NULL,
            &item);
        if (result == noErr) {
            // Item found: overwrite its password.
            result = SecKeychainItemModifyContent(item, NULL, [password length],
                                                  [password UTF8String]);
        } else {
            // No item found: create a new one.
            result = SecKeychainAddGenericPassword(
                NULL,
                strlen(KEYCHAIN_SERVICE_NAME),
                KEYCHAIN_SERVICE_NAME,
                [username length],
                [username UTF8String],
                [password length],
                [password UTF8String],
                NULL);
        }
        if (item) {
            // This is the call reported by the static analyzer.
            SecKeychainItemFreeContent(NULL, item);
        }
        return result == noErr;
    }
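1 Answer

SecKeychainItemRef variables are CoreFoundation reference counted. From the static code analyzer's point of view, calling SecKeychainItemFreeContent() on a SecKeychainItemRef amounts to freeing non-allocated data, since it wasn't allocated by the SecKeychain functions. By calling CFRelease() on the SecKeychainItemRef variable (instead of SecKeychainItemFreeContent()), all the errors went away.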
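
The fix described in the answer, written out as an added example (not code from the original post or from the Hermes project). It goes slightly beyond the post: lengths are passed as UTF-8 byte counts, a new item is added only on errSecItemNotFound, and a second function shows the buffer that SecKeychainItemFreeContent() is actually meant for. The service name value, the KeychainGetPassword helper and the use of ARC are assumptions.

```objective-c
#import <Foundation/Foundation.h>
#import <Security/Security.h>
#include <string.h>

// Assumed placeholder; the project defines its own service name.
#define KEYCHAIN_SERVICE_NAME "ExampleService"

BOOL KeychainSetItem(NSString *username, NSString *password) {
    const char *user = [username UTF8String];
    const char *pass = [password UTF8String];
    if (user == NULL || pass == NULL) return NO;
    // The keychain API takes byte counts, so measure the UTF-8 buffers
    // rather than using -length (which counts UTF-16 code units).
    UInt32 userLen = (UInt32)strlen(user);
    UInt32 passLen = (UInt32)strlen(pass);
    UInt32 serviceLen = (UInt32)strlen(KEYCHAIN_SERVICE_NAME);

    SecKeychainItemRef item = NULL;
    OSStatus result = SecKeychainFindGenericPassword(
        NULL, serviceLen, KEYCHAIN_SERVICE_NAME,
        userLen, user, NULL, NULL, &item);
    if (result == noErr) {
        result = SecKeychainItemModifyContent(item, NULL, passLen, pass);
    } else if (result == errSecItemNotFound) {
        // Only create a new item when the lookup found none; other
        // errors (for example a locked keychain) are returned as failure.
        result = SecKeychainAddGenericPassword(
            NULL, serviceLen, KEYCHAIN_SERVICE_NAME,
            userLen, user, passLen, pass, NULL);
    }
    // item is a CoreFoundation object: balance the reference with CFRelease.
    if (item != NULL) CFRelease(item);
    return result == noErr;
}

// Hypothetical helper: reads the password back. Assumes ARC.
NSString *KeychainGetPassword(NSString *username) {
    const char *user = [username UTF8String];
    if (user == NULL) return nil;
    UInt32 length = 0;
    void *data = NULL;
    OSStatus result = SecKeychainFindGenericPassword(
        NULL, (UInt32)strlen(KEYCHAIN_SERVICE_NAME), KEYCHAIN_SERVICE_NAME,
        (UInt32)strlen(user), user, &length, &data, NULL);
    if (result != noErr) return nil;
    NSString *password = [[NSString alloc] initWithBytes:data
                                                  length:length
                                                encoding:NSUTF8StringEncoding];
    // data is a buffer allocated by the keychain API: this is what
    // SecKeychainItemFreeContent is for, not the item reference.
    SecKeychainItemFreeContent(NULL, data);
    return password;
}
```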