help-gnutls
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-gnutls] GnuTLS 2.2.1 memory leaks or just bad usage?

From: Nikos Mavrogiannopoulos
Subject: Re: [Help-gnutls] GnuTLS 2.2.1 memory leaks or just bad usage?
Date: Sat, 16 Feb 2008 23:39:45 +0200
User-agent: Thunderbird 2.0.0.6 (X11/20071022) 
O/H Daniel Stenberg έγραψε:
First it doesn't build, it needs a #include "gnutls_datum.h" in gnutls_session.c! (If you want me to, I can produce an updated patch that applies cleanly.)
Then, yes it _does_ fix the worst leaks in my test case. The reamining leak now looks like this (with a build using only -g and not -O2 that otherwise confuse symbols like the ones in my initial report): 

==13872== 128 bytes in 1 blocks are definitely lost in loss record 2 of 8
==13872== at 0x4022AB8: malloc (vg_replace_malloc.c:207)
==13872== by 0x40FBC15: _gnutls_mpi_dprint_lz (gnutls_mpi.c:146)
==13872== by 0x410B4C3: _gnutls_dh_set_peer_public (gnutls_state.c:474)
==13872== by 0x411354E: _gnutls_proc_dh_common_server_kx (auth_dh_common.c:297) 
==13872== by 0x4108404: proc_dhe_server_kx (auth_dhe.c:199)
==13872== by 0x40F079F: _gnutls_recv_server_kx_message (gnutls_kx.c:401)
==13872== by 0x40EB332: _gnutls_handshake_client (gnutls_handshake.c:2342) 
==13872== by 0x40EADF9: gnutls_handshake (gnutls_handshake.c:2238)
==13872== by 0x8083C40: handshake (gtls.c:156)
==13872== by 0x80841D5: Curl_gtls_connect (gtls.c:326)
==13872== by 0x806169A: Curl_ssl_connect (sslgen.c:215)
==13872== by 0x806C605: Curl_http_connect (http.c:1700)
What about this patch? It's quite intrusive. My development environment is almost inexistent now, thus I'd appreciate if you or any other volunteers could test it. 

regards,
Nikos


diff --git a/lib/gnutls_session.c b/lib/gnutls_session.c
index a1cd173..9b2d6bc 100644
--- a/lib/gnutls_session.c
+++ b/lib/gnutls_session.c
@@ -25,6 +25,7 @@
 #include "gnutls_errors.h"
 #include "debug.h"
 #include <gnutls_session_pack.h>
+#include <gnutls_datum.h>
 
 /**
   * gnutls_session_get_data - Returns all session parameters.
@@ -61,12 +62,19 @@ gnutls_session_get_data (gnutls_session_t session,
   *session_data_size = psession.size;
 
   if (psession.size > *session_data_size)
-    return GNUTLS_E_SHORT_MEMORY_BUFFER;
+    {
+      ret = GNUTLS_E_SHORT_MEMORY_BUFFER;
+      goto error;
+    }
 
   if (session_data != NULL)
     memcpy (session_data, psession.data, psession.size);
 
-  return 0;
+  ret = 0;
+
+error:
+  _gnutls_free_datum( &psession);
+  return ret;
 }
 
 /**
diff --git a/lib/gnutls_session_pack.c b/lib/gnutls_session_pack.c
index 9dc5ad2..51fcf98 100644
--- a/lib/gnutls_session_pack.c
+++ b/lib/gnutls_session_pack.c
@@ -165,7 +165,7 @@ _gnutls_session_unpack (gnutls_session_t session,
       return GNUTLS_E_INTERNAL_ERROR;
     }
 
-  if (session->key->auth_info != NULL)
+  if (_gnutls_get_auth_info(session) != NULL)
     {
       _gnutls_free_auth_info (session);
     }
@@ -260,13 +260,6 @@ pack_certificate_auth_info (gnutls_session_t session,
   int cert_size, pack_size;
   cert_auth_info_t info = _gnutls_get_auth_info (session);
 
-
-  if (info == NULL && session->key->auth_info_size != 0)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
   if (info)
     {
       cert_size = 4;
@@ -510,12 +503,6 @@ pack_srp_auth_info (gnutls_session_t session, 
gnutls_datum_t * packed_session)
   srp_server_auth_info_t info = _gnutls_get_auth_info (session);
   int pack_size;
 
-  if (info == NULL && session->key->auth_info_size != 0)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
   if (info && info->username)
     pack_size = strlen (info->username) + 1;   /* include the terminating null 
*/
   else
@@ -619,12 +606,6 @@ pack_anon_auth_info (gnutls_session_t session, 
gnutls_datum_t * packed_session)
   int pos = 0;
   size_t pack_size;
 
-  if (info == NULL && session->key->auth_info_size != 0)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
   if (info)
     pack_size = 2 + 4 * 3 + info->dh.prime.size +
       info->dh.generator.size + info->dh.public_key.size;
@@ -783,12 +764,6 @@ pack_psk_auth_info (gnutls_session_t session, 
gnutls_datum_t * packed_session)
 
   info = _gnutls_get_auth_info (session);
 
-  if (info == NULL && session->key->auth_info_size != 0)
-    {
-      gnutls_assert ();
-      return GNUTLS_E_INVALID_REQUEST;
-    }
-
   if (info)
     {
       username_size = strlen (info->username) + 1;     /* include the 
terminating null */
diff --git a/lib/auth_dh_common.c b/lib/auth_dh_common.c
index 98f9ed4..20549ca 100644
--- a/lib/auth_dh_common.c
+++ b/lib/auth_dh_common.c
@@ -164,8 +164,6 @@ _gnutls_gen_dh_common_client_kx (gnutls_session_t session, 
opaque ** data)
       goto error;
     }
 
-  _gnutls_dh_set_peer_public (session, session->key->client_Y);
-
   /* THESE SHOULD BE DISCARDED */
   _gnutls_mpi_release (&session->key->client_Y);
   _gnutls_mpi_release (&session->key->client_p);
reply via email to
[Prev in Thread] Current Thread [Next in Thread]