X-Git-Url: https://git.saurik.com/apple/security.git/blobdiff_plain/6b200bc335dc93c5516ccb52f14bd896d8c7fad7..07691282a056c4efea71e1e505527601e8cc166b:/OSX/libsecurity_keychain/lib/SecAccess.cpp

diff --git a/OSX/libsecurity_keychain/lib/SecAccess.cpp b/OSX/libsecurity_keychain/lib/SecAccess.cpp
index 4dacfa95..301cf0e5 100644
--- a/OSX/libsecurity_keychain/lib/SecAccess.cpp
+++ b/OSX/libsecurity_keychain/lib/SecAccess.cpp
@@ -321,8 +321,9 @@ SecAccessRef SecAccessCreateWithOwnerAndACL(uid_t userId, gid_t groupId, SecAcce
 	CFRelease(debugStr);
 #endif
 
-	CSSM_ACL_AUTHORIZATION_TAG rights[numAcls];
-	memset(rights, 0, sizeof(rights));
+    CFIndex rightsSize = numAcls > 0 ? numAcls : 1;
+
+	std::vector<CSSM_ACL_AUTHORIZATION_TAG> rights(numAcls);
 
 	for (CFIndex iCnt = 0; iCnt < numAcls; iCnt++)
 	{
@@ -382,7 +383,7 @@ SecAccessRef SecAccessCreateWithOwnerAndACL(uid_t userId, gid_t groupId, SecAcce
 				{ CSSM_LIST_TYPE_UNKNOWN, &subject1, &subject2 },
 				false,	// Delegate
 				// rights for this entry
-				{ (uint32)(sizeof(rights) / sizeof(rights[0])), rights },
+				{ (uint32)numAcls, rights.data() },
 				// rest is defaulted
 			}
 		}
@@ -579,9 +580,6 @@ CFArrayRef copyTrustedAppListFromBundle(CFStringRef bundlePath, CFStringRef trus
     if (!trustedAppsURL)
         goto xit;
 
-    if ( trustedAppListFileNameWithoutExtension )
-		CFRelease(trustedAppListFileNameWithoutExtension);
-
 	if (!CFURLCreateDataAndPropertiesFromResource(kCFAllocatorDefault,trustedAppsURL,&xmlDataRef,NULL,NULL,&errorCode))
         goto xit;
 
@@ -589,6 +587,7 @@ CFArrayRef copyTrustedAppListFromBundle(CFStringRef bundlePath, CFStringRef trus
     trustedAppList = (CFArrayRef)trustedAppsPlist;
 
 xit:
+    CFReleaseNull(trustedAppListFileNameWithoutExtension);
     if (bundleURL)
         CFRelease(bundleURL);
     if (secBundle)