Skip Menu |

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 121192
Status: resolved
Priority: 0/
Queue: Net-SSLeay
People
Owner: MIKEM [...] cpan.org
Requestors: Steffen_Ullrich [...] genua.de
Cc: NATARAJ [...] cpan.org
AdminCc:
Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: 1.83

History Show all quoted text
  Sun Apr 16 14:30:14 2017 Steffen_Ullrich [...] genua.de - Ticket created
Subject: memory leaks in OCSP handling - patch included
Hi, there are some small memory leaks in the OCSP handling. A tested patch against 1.81 is included. Regards, Steffen
Subject: Net-SSLeay-1.81.patch
diff -uw Net-SSLeay-1.81.orig/SSLeay.xs Net-SSLeay-1.81/SSLeay.xs --- Net-SSLeay-1.81.orig/SSLeay.xs 2017-03-04 05:25:15.000000000 +0100 +++ Net-SSLeay-1.81/SSLeay.xs 2017-04-16 20:17:30.345322482 +0200 @@ -5959,7 +5959,7 @@ OCSP_CERTID *id; int i; STRLEN len; - unsigned char *pc,*pi; + unsigned char *pi; if (!ssl) croak("not a SSL object"); ctx = SSL_get_SSL_CTX(ssl); @@ -5974,15 +5974,15 @@ if (!(issuer = find_issuer(cert,store,chain))) croak("cannot find issuer certificate"); if (!(id = OCSP_cert_to_id(EVP_sha1(),cert,issuer))) - croak("out of memory for generating OCSO certid"); - if (!(len = i2d_OCSP_CERTID(id,NULL))) + croak("out of memory for generating OCSP certid"); + + pi = NULL; + if (!(len = i2d_OCSP_CERTID(id,&pi))) croak("OCSP certid has no length"); - Newx(pc,len,unsigned char); - if (!pc) croak("out of memory"); - pi = pc; - i2d_OCSP_CERTID(id,&pi); - XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); - Safefree(pc); + XPUSHs(sv_2mortal(newSVpvn((char *)pi, len))); + + free(pi); + OCSP_CERTID_free(id); } @@ -6204,6 +6204,7 @@ croak("%s", error); } } + OCSP_BASICRESP_free(bsr); if (!want_array) XPUSHs(sv_2mortal(newSViv(nextupd)));
  Sun Apr 16 15:40:59 2017 mikem [...] airspayce.com - Correspondence added
Subject: Re: [rt.cpan.org #121192] memory leaks in OCSP handling - patch included
Date: Sun, 16 Apr 2017 20:18:22 +0100
To: bug-Net-SSLeay [...] rt.cpan.org
From: Mike McCauley <mikem [...] airspayce.com>
Thanks. It will be a few weeks before I can test and apply this. Cheers Sent from my iPhone Show quoted text
> On 16 Apr 2017, at 7:30 pm, Steffen Ullrich via RT <bug-Net-SSLeay@rt.cpan.org> wrote: > > Sun Apr 16 14:30:14 2017: Request 121192 was acted upon. > Transaction: Ticket created by SULLR > Queue: Net-SSLeay > Subject: memory leaks in OCSP handling - patch included > Broken in: (no value) > Severity: (no value) > Owner: Nobody > Requestors: Steffen_Ullrich@genua.de > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=121192 > > > > Hi, > there are some small memory leaks in the OCSP handling. > A tested patch against 1.81 is included. > > Regards, > Steffen > diff -uw Net-SSLeay-1.81.orig/SSLeay.xs Net-SSLeay-1.81/SSLeay.xs --- Net-SSLeay-1.81.orig/SSLeay.xs 2017-03-04 05:25:15.000000000 +0100 +++ Net-SSLeay-1.81/SSLeay.xs 2017-04-16 20:17:30.345322482 +0200 @@ -5959,7 +5959,7 @@ OCSP_CERTID *id; int i; STRLEN len; - unsigned char *pc,*pi; + unsigned char *pi; if (!ssl) croak("not a SSL object"); ctx = SSL_get_SSL_CTX(ssl); @@ -5974,15 +5974,15 @@ if (!(issuer = find_issuer(cert,store,chain))) croak("cannot find issuer certificate"); if (!(id = OCSP_cert_to_id(EVP_sha1(),cert,issuer))) - croak("out of memory for generating OCSO certid"); - if (!(len = i2d_OCSP_CERTID(id,NULL))) + croak("out of memory for generating OCSP certid"); + + pi = NULL; + if (!(len = i2d_OCSP_CERTID(id,&pi))) croak("OCSP certid has no length"); - Newx(pc,len,unsigned char); - if (!pc) croak("out of memory"); - pi = pc; - i2d_OCSP_CERTID(id,&pi); - XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); - Safefree(pc); + XPUSHs(sv_2mortal(newSVpvn((char *)pi, len))); + + free(pi); + OCSP_CERTID_free(id); } @@ -6204,6 +6204,7 @@ croak("%s", error); } } + OCSP_BASICRESP_free(bsr); if (!want_array) XPUSHs(sv_2mortal(newSViv(nextupd)));
  Sun Apr 16 15:41:01 2017 The RT System itself - Status changed from 'new' to 'open'
  Sun Nov 05 04:08:51 2017 NATARAJ [...] cpan.org - Cc NATARAJ added
  Mon Dec 11 14:47:08 2017 TODDR [...] cpan.org - Correspondence added
On Sun Apr 16 15:40:59 2017, mikem@airspayce.com wrote: Show quoted text
> Thanks. It will be a few weeks before I can test and apply this. > > Cheers >
Is this request still outstanding?
  Mon Dec 11 21:32:57 2017 mikem [...] airspayce.com - Correspondence added
Subject: Re: [rt.cpan.org #121192] memory leaks in OCSP handling - patch included
Date: Tue, 12 Dec 2017 12:31:53 +1000
To: bug-Net-SSLeay [...] rt.cpan.org
From: Mike McCauley <mikem [...] airspayce.com>
Hmmm, somehow this patch got lost. Its now in SVN 510 and wuill be in the next release. Sorry. Cheers. On Tuesday, December 12, 2017 5:47:10 AM AEST Todd Rinaldo via RT wrote: Show quoted text
> Queue: Net-SSLeay > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=121192 > > > On Sun Apr 16 15:40:59 2017, mikem@airspayce.com wrote:
> > Thanks. It will be a few weeks before I can test and apply this. > > > > Cheers
> > Is this request still outstanding?
-- Mike McCauley VK4AMM mikem@airspayce.com Airspayce Pty Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.airspayce.com Phone +61 7 5598-7474
  Sun Jul 08 20:38:38 2018 chrisn [...] cpan.org - Status changed from 'open' to 'resolved'
  Sun Jul 08 20:38:38 2018 chrisn [...] cpan.org - Given to MIKEM
  Sun Jul 08 20:38:39 2018 chrisn [...] cpan.org - Fixed in 1.83 added