gnutls-devel

Re: Memory leak in _gnutls_mpi_dprint_lz (possibly _gnutls_mpi_dprint)


From: Nikos Mavrogiannopoulos
Subject: Re: Memory leak in _gnutls_mpi_dprint_lz (possibly _gnutls_mpi_dprint)
Date: Sun, 29 Jun 2008 12:08:14 +0300
User-agent: Thunderbird 2.0.0.14 (X11/20080505)

Sam Varshavchik wrote:

> I'm chasing a complaint from valgrind that I'm leaking memory.
> Here's valgrind's complaint:
> 
> ==26738== 257 bytes in 1 blocks are definitely lost in loss record 2 of 4
> ==26738==    at 0x4A0739E: malloc (vg_replace_malloc.c:207)
> ==26738==    by 0x35068328F6: _gnutls_mpi_dprint_lz (gnutls_mpi.c:146)
> ==26738==    by 0x350683E47C: _gnutls_dh_set_peer_public
> (gnutls_state.c:474)
> ==26738==    by 0x3506843819: _gnutls_proc_dh_common_server_kx
> (auth_dh_common.c:297)
> ==26738==    by 0x350683BB4F: proc_dhe_server_kx (auth_dhe.c:199)
> ==26738==    by 0x350682AF81: _gnutls_recv_server_kx_message
> (gnutls_kx.c:339)
> ==26738==    by 0x35068273DF: _gnutls_handshake_client
> (gnutls_handshake.c:2311)
> ==26738==    by 0x3506827F77: gnutls_handshake (gnutls_handshake.c:2193)
> 
> 
> Here's what I've been able to figure out. I'm running gnutls 2.0.4, but
> I checked 2.4.0, and the affected bits have not changed, the following
> should still be applicable.

Hello Sam and thank you for the report. However, is this issue present
in 2.4.x or 2.2.x? I've seen that there _gnutls_dh_set_peer_public() is
only called by:
_gnutls_proc_dh_common_client_kx (server side only)
_gnutls_proc_dh_common_server_kx (client side only)

Thus this leak could not have occurred.

> Second breakpoint hit:
> 
> #0  _gnutls_dh_set_peer_public (session=0x144fcc0, public=0x1431a70)
>    at gnutls_state.c:474
> #1  0x0000003506843b8f in _gnutls_gen_dh_common_client_kx (
>    session=<value optimized out>, data=<value optimized out>)
>    at auth_dh_common.c:167

This is no longer an issue in 2.2.x or 2.4.x, thus I'd suggest you
upgrade. If you cannot, a tiny patch is attached.

regards,
Nikos


diff --git a/NEWS b/NEWS
index 9f40999..110ab34 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,10 @@ Copyright (C) 2004, 2005, 2006, 2007 Simon Josefsson
 Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavroyanopoulos
 See the end for copying conditions.
 
+* Version 2.0.5 (unreleased)
+
+** Corrected a memory leak in DHE ciphersuites.
+
 * Version 2.0.4 (released 2007-11-16)
 
 ** Corrected bug in decompression of expanded compression data.           
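Review bot: The added entry "** Corrected a memory leak in DHE ciphersuites." does not say which side of the handshake is affected. The code change in this patch is in _gnutls_gen_dh_common_client_kx, so wording such as "Corrected a memory leak in the client side of the DHE key exchange" would let readers tell which deployments need the update.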
diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c
index d636aeb..857832b 100644
--- a/lib/auth_dh_common.c
+++ b/lib/auth_dh_common.c
@@ -164,8 +164,6 @@ _gnutls_gen_dh_common_client_kx (gnutls_session_t session, 
opaque ** data)
       goto error;
     }
 
-  _gnutls_dh_set_peer_public (session, session->key->client_Y);
-
   /* THESE SHOULD BE DISCARDED */
   _gnutls_mpi_release (&session->key->client_Y);
   _gnutls_mpi_release (&session->key->client_p);
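Review bot: Removing the call in _gnutls_gen_dh_common_client_kx stops the second store, but nothing in this hunk changes _gnutls_dh_set_peer_public itself, so any future second caller on the same session would bring the leak back. The valgrind trace in this thread shows the lost block being allocated by _gnutls_mpi_dprint_lz under that function when it is first called from _gnutls_proc_dh_common_server_kx. Consider also releasing any previously stored public value inside _gnutls_dh_set_peer_public before assigning the new one. The removed line passed session->key->client_Y, the client's own value, as the peer public; saying so in the commit message would explain why the call is dropped rather than moved.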
