29 Jun 11:08
Re: Memory leak in _gnutls_mpi_dprint_lz (possibly _gnutls_mpi_dprint)
From: Nikos Mavrogiannopoulos <nmav <at> gnutls.org>
Subject: Re: Memory leak in _gnutls_mpi_dprint_lz (possibly _gnutls_mpi_dprint)
Newsgroups: gmane.comp.encryption.gpg.gnutls.devel
Date: 2008-06-29 09:08:14 GMT
Sam Varshavchik wrote:
> I'm chasing a complaint from valgrind that I'm leaking memory.
> Here's valgrind's complaint:
>
> ==26738== 257 bytes in 1 blocks are definitely lost in loss record 2 of 4
> ==26738== at 0x4A0739E: malloc (vg_replace_malloc.c:207)
> ==26738== by 0x35068328F6: _gnutls_mpi_dprint_lz (gnutls_mpi.c:146)
> ==26738== by 0x350683E47C: _gnutls_dh_set_peer_public
> (gnutls_state.c:474)
> ==26738== by 0x3506843819: _gnutls_proc_dh_common_server_kx
> (auth_dh_common.c:297)
> ==26738== by 0x350683BB4F: proc_dhe_server_kx (auth_dhe.c:199)
> ==26738== by 0x350682AF81: _gnutls_recv_server_kx_message
> (gnutls_kx.c:339)
> ==26738== by 0x35068273DF: _gnutls_handshake_client
> (gnutls_handshake.c:2311)
> ==26738== by 0x3506827F77: gnutls_handshake (gnutls_handshake.c:2193)
>
>
> Here's what I've been able to figure out. I'm running gnutls 2.0.4, but
> I checked 2.4.0, and the affected bits have not changed, the following
> should still be applicable.

Hello Sam and thank you for the report. However, is this issue present in
2.4.x or 2.2.x? I've seen that there _gnutls_dh_set_peer_public() is only
called by:
_gnutls_proc_dh_common_client_kx (server side only)
_gnutls_proc_dh_common_server_kx (client side only)

Thus this leak could not have occurred.

> Second breakpoint hit:
>
> #0 _gnutls_dh_set_peer_public (session=0x144fcc0, public=0x1431a70)
> at gnutls_state.c:474
> #1 0x0000003506843b8f in _gnutls_gen_dh_common_client_kx (
> session=<value optimized out>, data=<value optimized out>)
> at auth_dh_common.c:167

This is no longer an issue in 2.2.x or 2.4.x thus I'd suggest you upgrade.
If you cannot, a tiny patch is attached.

regards,
Nikos

diff --git a/NEWS b/NEWS
index 9f40999..110ab34 100644
--- a/NEWS
+++ b/NEWS
@@ -3,6 +3,10 @@ Copyright (C) 2004, 2005, 2006, 2007 Simon Josefsson
Copyright (C) 2000, 2001, 2002, 2003, 2004 Nikos Mavroyanopoulos
See the end for copying conditions.
+* Version 2.0.5 (unreleased)
+
+** Corrected a memory leak in DHE ciphersuites.
+
* Version 2.0.4 (released 2007-11-16)
** Corrected bug in decompression of expanded compression data.
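Review bot: the added NEWS line "** Corrected a memory leak in DHE ciphersuites." does not say which side of the connection is affected, while the only code change in this patch is inside _gnutls_gen_dh_common_client_kx. Suggest wording it as a leak on the client side of the DH key exchange, so that readers of NEWS can judge whether their deployment needs the update. Since the patched file is auth_dh_common.c, it is also worth confirming that "DHE" is not too narrow a description of the affected ciphersuites.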
diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c
index d636aeb..857832b 100644
--- a/lib/auth_dh_common.c
+++ b/lib/auth_dh_common.c
@@ -164,8 +164,6 @@ _gnutls_gen_dh_common_client_kx (gnutls_session_t session, opaque ** data)
goto error;
}
- _gnutls_dh_set_peer_public (session, session->key->client_Y);
-
/* THESE SHOULD BE DISCARDED */
_gnutls_mpi_release (&session->key->client_Y);
_gnutls_mpi_release (&session->key->client_p);
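Review bot: at the removed _gnutls_dh_set_peer_public (session, session->key->client_Y) call, the leak is closed only by dropping this one caller, and nothing in the patch touches the setter itself. The valgrind trace in the thread shows the buffer allocated under _gnutls_dh_set_peer_public (via _gnutls_mpi_dprint_lz) being lost once the setter is hit a second time in the same client handshake; if the setter stores a new copy without releasing the old one, any later second caller brings the leak back, so consider freeing the previously stored value inside _gnutls_dh_set_peer_public as well. A short comment at this spot saying that client_Y is, by its name, the client's own value and not the peer's would also record why the call must not be reinstated.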
_______________________________________________ Gnutls-devel mailing list Gnutls-devel <at> gnu.org http://lists.gnu.org/mailman/listinfo/gnutls-devel
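
The valgrind report and the second breakpoint quoted in the message fit a setter that stores a fresh heap copy on every call without releasing the one it already holds. The following C model of that pattern, next to a hardened setter, is an added example and not GnuTLS code or part of the original post; `struct dh_info`, `set_peer_public_leaky`, `set_peer_public_safe`, `leaked_after_handshake` and the allocation counter are hypothetical names, and the overwrite-without-free behaviour is an assumption the thread does not confirm.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for the per-session DH slot; not a GnuTLS type. */
struct dh_info { unsigned char *peer_public; };
static int live_allocs;  /* buffers allocated and not yet freed */
static void *xalloc(size_t n) { void *p = malloc(n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { live_allocs--; free(p); } }

/* Leaky setter: a second call overwrites the pointer to the first copy. */
int set_peer_public_leaky(struct dh_info *dh, const unsigned char *y, size_t n)
{
    unsigned char *copy = xalloc(n);
    if (!copy) return -1;
    memcpy(copy, y, n);
    dh->peer_public = copy;  /* any previous buffer is now unreachable */
    return 0;
}

/* Hardened setter: frees the old copy, and only once the new one exists. */
int set_peer_public_safe(struct dh_info *dh, const unsigned char *y, size_t n)
{
    unsigned char *copy = xalloc(n);
    if (!copy) return -1;
    memcpy(copy, y, n);
    xfree(dh->peer_public);
    dh->peer_public = copy;
    return 0;
}

/* Simulated client handshake: set twice, tear down, count leftover buffers. */
int leaked_after_handshake(int (*set)(struct dh_info *, const unsigned char *, size_t))
{
    struct dh_info dh = { NULL };
    unsigned char y[257] = { 0xA5 };  /* constructed value; size as in the valgrind report */
    live_allocs = 0;
    if (set(&dh, y, sizeof y)) return -1;  /* models the server's Y */
    if (set(&dh, y, sizeof y)) return -1;  /* models the client's own Y */
    xfree(dh.peer_public);  /* session teardown frees the slot once */
    return live_allocs;
}

int main(void)
{
    printf("leaky: %d buffer(s) lost\n", leaked_after_handshake(set_peer_public_leaky));
    printf("safe:  %d buffer(s) lost\n", leaked_after_handshake(set_peer_public_safe));
    return 0;
}
```

Running the leaky variant under valgrind reports one 257-byte block as definitely lost, the same shape as the report quoted in the thread.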