On Thu, 19 Feb 2026 16:25:45 GMT, Matthias Baesken <[email protected]> wrote:
> Seems there is a call to SecIdentityCopyPrivateKey where we miss calling > CFRelease in early returns/failure cases; same for SecIdentityCopyPrivateKey . > > See the Apple documentation > https://developer.apple.com/documentation/security/secidentitycopyprivatekey(_:_:) > > Also for > https://developer.apple.com/documentation/security/secidentitycopycertificate(_:_:) You add quite some `CFRelease(certificate)`, but only for errors. What about it when there is no error? Should we just release it at the end of each loop? Also, for gotos on lines 352 and 359, shall we also release the certificate? ------------- PR Comment: https://git.openjdk.org/jdk/pull/29821#issuecomment-4136817877
