Security-58286.260.20.tar.gz

[apple/security.git] / OSX / libsecurity_apple_cspdl / lib / SSCSPDLSession.cpp

diff --git a/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp b/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp
index 257550282bba905bb8d960f252824f2ebae589d5..e4cbb8996f208ec06c56a66b9a432ca2f2a49b5c 100644 (file)
--- a/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp
+++ b/OSX/libsecurity_apple_cspdl/lib/SSCSPDLSession.cpp
@@ -79,11 +79,14 @@ SSCSPDLSession::makeReferenceKey(SSCSPSession &session, KeyHandle inKeyHandle,
                                                                 CssmKey &outKey, SSDatabase &inSSDatabase,
                                                                 uint32 inKeyAttr, const CssmData *inKeyLabel)
 {
+// The analyzer doesn't know what to do with the naked creation of an item
+#ifndef __clang_analyzer__
        SSKey* sskey = new SSKey(session, inKeyHandle, outKey, inSSDatabase, inKeyAttr,
                          inKeyLabel);
     (void) sskey; // Compiler thinks this variable isn't used, but we want the side effects of creation. Tell the compiler it's okay.
 
     secinfo("SecAccessReference", "made a new reference sskey with handle %d [%ld]", sskey->keyHandle(), sskey->keyReference());
+#endif
 }
 
 SSKey &
@@ -122,6 +125,8 @@ void
 SSCSPDLSession::didChangeKeyAcl(SecurityServer::ClientSession &clientSession,
        KeyHandle keyHandle, CSSM_ACL_AUTHORIZATION_TAG tag)
 {
+    StLock<Mutex> __(mKeyDeletionMutex);  // The key can't be deleted while we're poking at it, on pain of crashing
+
        SSKey *theKey = NULL;
 
        {