Skip Menu |
 

This queue is for tickets about the Net-SSLeay CPAN distribution.

Report information
The Basics
Id: 121192
Status: resolved
Priority: 0/
Queue: Net-SSLeay

People
Owner: MIKEM [...] cpan.org
Requestors: Steffen_Ullrich [...] genua.de
Cc: NATARAJ [...] cpan.org
AdminCc:

Bug Information
Severity: (no value)
Broken in: (no value)
Fixed in: 1.83



Subject: memory leaks in OCSP handling - patch included
MIME-Version: 1.0
X-Mailer: MIME-tools 5.504 (Entity 5.504)
X-RT-Interface: Web
Message-ID: <rt-4.0.18-15954-1492367414-6.0-0-0 [...] rt.cpan.org>
X-RT-Original-Encoding: utf-8
Content-Type: multipart/mixed; boundary="----------=_1492367414-15954-3"
X-RT-Encrypt: 0
X-RT-Sign: 0
Content-Length: 0
Content-Disposition: inline
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: binary
Content-Length: 118
Download (untitled) / with headers
text/plain 118b
Hi, there are some small memory leaks in the OCSP handling. A tested patch against 1.81 is included. Regards, Steffen
Subject: Net-SSLeay-1.81.patch
MIME-Version: 1.0
Content-Type: text/x-patch; name="Net-SSLeay-1.81.patch"
X-Mailer: MIME-tools 5.504 (Entity 5.504)
Content-Disposition: inline; filename="Net-SSLeay-1.81.patch"
Content-Transfer-Encoding: binary
Content-Length: 1265
diff -uw Net-SSLeay-1.81.orig/SSLeay.xs Net-SSLeay-1.81/SSLeay.xs --- Net-SSLeay-1.81.orig/SSLeay.xs 2017-03-04 05:25:15.000000000 +0100 +++ Net-SSLeay-1.81/SSLeay.xs 2017-04-16 20:17:30.345322482 +0200 @@ -5959,7 +5959,7 @@ OCSP_CERTID *id; int i; STRLEN len; - unsigned char *pc,*pi; + unsigned char *pi; if (!ssl) croak("not a SSL object"); ctx = SSL_get_SSL_CTX(ssl); @@ -5974,15 +5974,15 @@ if (!(issuer = find_issuer(cert,store,chain))) croak("cannot find issuer certificate"); if (!(id = OCSP_cert_to_id(EVP_sha1(),cert,issuer))) - croak("out of memory for generating OCSO certid"); - if (!(len = i2d_OCSP_CERTID(id,NULL))) + croak("out of memory for generating OCSP certid"); + + pi = NULL; + if (!(len = i2d_OCSP_CERTID(id,&pi))) croak("OCSP certid has no length"); - Newx(pc,len,unsigned char); - if (!pc) croak("out of memory"); - pi = pc; - i2d_OCSP_CERTID(id,&pi); - XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); - Safefree(pc); + XPUSHs(sv_2mortal(newSVpvn((char *)pi, len))); + + free(pi); + OCSP_CERTID_free(id); } @@ -6204,6 +6204,7 @@ croak("%s", error); } } + OCSP_BASICRESP_free(bsr); if (!want_array) XPUSHs(sv_2mortal(newSViv(nextupd)));
MIME-Version: 1.0 (1.0)
X-Cpan.org: This message routed through the cpan.org mail forwarding service. Please use PAUSE pause.perl.org to configure your delivery settings.
X-Spam-Flag: NO
X-Virus-Scanned: Debian amavisd-new at bestpractical.com
content-type: text/plain; charset="utf-8"
X-Source-Sender: ([10.185.73.120]) [185.13.106.230]:42858
X-RT-Original-Encoding: utf-8
X-Spam-Score: -5.121
X-Source-Cap: bWlrZW07bWlrZW07Z2F0b3I0MTI5Lmhvc3RnYXRvci5jb20=
Received: from localhost (localhost [127.0.0.1]) by hipster.bestpractical.com (Postfix) with ESMTP id D6BCE2402B6 for <cpan-bug+Net-SSLeay [...] hipster.bestpractical.com>; Sun, 16 Apr 2017 15:40:58 -0400 (EDT)
Received: from hipster.bestpractical.com ([127.0.0.1]) by localhost (hipster.bestpractical.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 0uvv2bKPzPF5 for <cpan-bug+Net-SSLeay [...] hipster.bestpractical.com>; Sun, 16 Apr 2017 15:40:57 -0400 (EDT)
Received: from xx1.develooper.com (xx1.develooper.com [207.171.7.115]) by hipster.bestpractical.com (Postfix) with ESMTPS id E906E2401F6 for <bug-Net-SSLeay [...] rt.cpan.org>; Sun, 16 Apr 2017 15:40:56 -0400 (EDT)
Received: from localhost (xx1.develooper.com [127.0.0.1]) by localhost (Postfix) with ESMTP id 621A911D9C8 for <bug-Net-SSLeay [...] rt.cpan.org>; Sun, 16 Apr 2017 12:40:55 -0700 (PDT)
Received: from xx1.develooper.com (xx1.develooper.com [127.0.0.1]) by localhost (Postfix) with SMTP id 534C411DE58 for <bug-Net-SSLeay [...] rt.cpan.org>; Sun, 16 Apr 2017 12:40:48 -0700 (PDT)
Received: from gateway36.websitewelcome.com (gateway36.websitewelcome.com [192.185.185.36]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by xx1.develooper.com (Postfix) with ESMTPS id BAFB211DE54 for <bug-Net-SSLeay [...] rt.cpan.org>; Sun, 16 Apr 2017 12:40:41 -0700 (PDT)
Received: from cm6.websitewelcome.com (cm6.websitewelcome.com [108.167.139.19]) by gateway36.websitewelcome.com (Postfix) with ESMTP id 87557400E11ED for <bug-Net-SSLeay [...] rt.cpan.org>; Sun, 16 Apr 2017 14:18:26 -0500 (CDT)
Received: from gator4129.hostgator.com ([192.185.4.141]) by cm6.websitewelcome.com with id 97JR1v00732ZDfC017JSTU; Sun, 16 Apr 2017 14:18:26 -0500
Received: from [185.13.106.230] (port=42858 helo=[10.185.73.120]) by gator4129.hostgator.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.87) (envelope-from <mikem [...] airspayce.com>) id 1czpgn-000RXQ-4r for bug-Net-SSLeay [...] rt.cpan.org; Sun, 16 Apr 2017 14:18:25 -0500
Delivered-To: cpan-bug+Net-SSLeay [...] hipster.bestpractical.com
Subject: Re: [rt.cpan.org #121192] memory leaks in OCSP handling - patch included
Date: Sun, 16 Apr 2017 20:18:22 +0100
X-PMX-Spam: Gauge=IIIIIIII, Probability=8%, Report=' HTML_00_01 0.05, HTML_00_10 0.05, MIME_LOWER_CASE 0.05, SUPERLONG_LINE 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1900_1999 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_7000_LESS 0, IN_REP_TO 0, LEGITIMATE_SIGNS 0, MSG_THREAD 0, REFERENCES 0, SINGLE_URI_IN_BODY 0, SPF_NEUTRAL 0, URI_ENDS_IN_HTML 0, URI_WITH_PATH_ONLY 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __FRAUD_ANTIABUSE 0, __HAS_FROM 0, __HAS_MSGID 0, __HAS_X_MAILER 0, __HTTPS_URI 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_VERSION 0, __MSGID_APPLEMAIL 0, __NO_HTML_TAG_RAW 0, __REFERENCES 0, __SANE_MSGID 0, __SINGLE_URI_TEXT 0, __SUBJ_ALPHA_END 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NO_NAME 0, __URI_IN_BODY 0, __URI_NOT_IMG 0, __URI_NO_WWW 0, __URI_NS , __URI_WITH_PATH 0, __blackholes.mail-abuse.org_TIMEOUT , __zen.spamhaus.org_ERROR '
X-Spam-Level:
X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2017.4.16.192717
X-Bwhitelist: no
To: bug-Net-SSLeay [...] rt.cpan.org
Content-Transfer-Encoding: quoted-printable
X-Source:
X-Source-Args:
In-Reply-To: <rt-4.0.18-15954-1492367415-399.121192-4-0 [...] rt.cpan.org>
X-Spam-Status: No, score=-5.121 tagged_above=-99.9 required=10 tests=[BAYES_00=-1.9, FROM_OUR_RT=-4, SPF_NEUTRAL=0.779] autolearn=ham
X-Mailer: iPhone Mail (14C92)
X-Source-Dir:
X-RT-Interface: API
References: <RT-Ticket-121192 [...] rt.cpan.org> <rt-4.0.18-15954-1492367415-399.121192-4-0 [...] rt.cpan.org>
Message-ID: <93ECE1DC-0F05-4690-A8E3-230866AB2C1E [...] airspayce.com>
X-Source-Auth: mikem [...] airspayce.com
X-Antiabuse: This header was added to track abuse, please include it with any abuse report
X-Antiabuse: Primary Hostname - gator4129.hostgator.com
X-Antiabuse: Original Domain - rt.cpan.org
X-Antiabuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-Antiabuse: Sender Address Domain - airspayce.com
X-Source-Ip: 185.13.106.230
Return-Path: <mikem [...] airspayce.com>
X-RT-Mail-Extension: net-ssleay
X-Original-To: cpan-bug+Net-SSLeay [...] hipster.bestpractical.com
X-Exim-ID: 1czpgn-000RXQ-4r
X-Greylist: delayed 1333 seconds by postgrey-1.34 at xx1.develooper.com; Sun, 16 Apr 2017 12:40:43 PDT
X-Email-Count: 1
From: Mike McCauley <mikem [...] airspayce.com>
RT-Message-ID: <rt-4.0.18-15954-1492371659-965.121192-0-0 [...] rt.cpan.org>
Content-Length: 1871
Download (untitled) / with headers
text/plain 1.8k
Thanks. It will be a few weeks before I can test and apply this. Cheers Sent from my iPhone Show quoted text
> On 16 Apr 2017, at 7:30 pm, Steffen Ullrich via RT <bug-Net-SSLeay@rt.cpan.org> wrote: > > Sun Apr 16 14:30:14 2017: Request 121192 was acted upon. > Transaction: Ticket created by SULLR > Queue: Net-SSLeay > Subject: memory leaks in OCSP handling - patch included > Broken in: (no value) > Severity: (no value) > Owner: Nobody > Requestors: Steffen_Ullrich@genua.de > Status: new > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=121192 > > > > Hi, > there are some small memory leaks in the OCSP handling. > A tested patch against 1.81 is included. > > Regards, > Steffen > diff -uw Net-SSLeay-1.81.orig/SSLeay.xs Net-SSLeay-1.81/SSLeay.xs --- Net-SSLeay-1.81.orig/SSLeay.xs 2017-03-04 05:25:15.000000000 +0100 +++ Net-SSLeay-1.81/SSLeay.xs 2017-04-16 20:17:30.345322482 +0200 @@ -5959,7 +5959,7 @@ OCSP_CERTID *id; int i; STRLEN len; - unsigned char *pc,*pi; + unsigned char *pi; if (!ssl) croak("not a SSL object"); ctx = SSL_get_SSL_CTX(ssl); @@ -5974,15 +5974,15 @@ if (!(issuer = find_issuer(cert,store,chain))) croak("cannot find issuer certificate"); if (!(id = OCSP_cert_to_id(EVP_sha1(),cert,issuer))) - croak("out of memory for generating OCSO certid"); - if (!(len = i2d_OCSP_CERTID(id,NULL))) + croak("out of memory for generating OCSP certid"); + + pi = NULL; + if (!(len = i2d_OCSP_CERTID(id,&pi))) croak("OCSP certid has no length"); - Newx(pc,len,unsigned char); - if (!pc) croak("out of memory"); - pi = pc; - i2d_OCSP_CERTID(id,&pi); - XPUSHs(sv_2mortal(newSVpv((char*)pc,len))); - Safefree(pc); + XPUSHs(sv_2mortal(newSVpvn((char *)pi, len))); + + free(pi); + OCSP_CERTID_free(id); } @@ -6204,6 +6204,7 @@ croak("%s", error); } } + OCSP_BASICRESP_free(bsr); if (!want_array) XPUSHs(sv_2mortal(newSViv(nextupd)));
MIME-Version: 1.0
In-Reply-To: <rt-4.0.18-15954-1492371659-965.121192-0-0 [...] rt.cpan.org>
X-Mailer: MIME-tools 5.504 (Entity 5.504)
Content-Disposition: inline
X-RT-Interface: Web
References: <RT-Ticket-121192 [...] rt.cpan.org> <rt-4.0.18-15954-1492367415-399.121192-4-0 [...] rt.cpan.org> <93ECE1DC-0F05-4690-A8E3-230866AB2C1E [...] airspayce.com> <rt-4.0.18-15954-1492371659-965.121192-0-0 [...] rt.cpan.org>
Content-Type: text/plain; charset="utf-8"
Message-ID: <rt-4.0.18-15139-1513021628-336.121192-0-0 [...] rt.cpan.org>
Content-Transfer-Encoding: binary
X-RT-Original-Encoding: utf-8
X-RT-Encrypt: 0
X-RT-Sign: 0
Content-Length: 176
Download (untitled) / with headers
text/plain 176b
On Sun Apr 16 15:40:59 2017, mikem@airspayce.com wrote: Show quoted text
> Thanks. It will be a few weeks before I can test and apply this. > > Cheers >
Is this request still outstanding?
MIME-Version: 1.0
X-Cpan.org: This message routed through the cpan.org mail forwarding service. Please use PAUSE pause.perl.org to configure your delivery settings.
X-Spam-Flag: NO
X-Virus-Scanned: Debian amavisd-new at bestpractical.com
content-type: text/plain; charset="utf-8"
X-Source-L: No
X-Source-Sender: 135.35.96.58.static.exetel.com.au (zulu.localnet) [58.96.35.135]:38772
X-RT-Original-Encoding: utf-8
X-Spam-Score: -5
X-Source-Cap: bWlrZW07bWlrZW07Z2F0b3I0MTI5Lmhvc3RnYXRvci5jb20=
Received: from localhost (localhost [127.0.0.1]) by hipster.bestpractical.com (Postfix) with ESMTP id 161E124027A for <cpan-bug+net-ssleay [...] hipster.bestpractical.com>; Mon, 11 Dec 2017 21:32:57 -0500 (EST)
Received: from hipster.bestpractical.com ([127.0.0.1]) by localhost (hipster.bestpractical.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id CdR6TrFK6zIH for <cpan-bug+net-ssleay [...] hipster.bestpractical.com>; Mon, 11 Dec 2017 21:32:54 -0500 (EST)
Received: from xx1.develooper.com (xx1.develooper.com [207.171.7.115]) by hipster.bestpractical.com (Postfix) with ESMTPS id 50DAC24015E for <bug-net-ssleay [...] rt.cpan.org>; Mon, 11 Dec 2017 21:32:54 -0500 (EST)
Received: from localhost (xx1.develooper.com [127.0.0.1]) by localhost (Postfix) with ESMTP id 17D1A11DE64 for <bug-net-ssleay [...] rt.cpan.org>; Mon, 11 Dec 2017 18:32:53 -0800 (PST)
Received: from xx1.develooper.com (xx1.develooper.com [127.0.0.1]) by localhost (Postfix) with SMTP id 122A511D9F2 for <bug-net-ssleay [...] rt.cpan.org>; Mon, 11 Dec 2017 18:32:09 -0800 (PST)
Received: from gateway34.websitewelcome.com (gateway34.websitewelcome.com [192.185.149.222]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by xx1.develooper.com (Postfix) with ESMTPS id 3E07011DCF7 for <bug-net-ssleay [...] rt.cpan.org>; Mon, 11 Dec 2017 18:31:56 -0800 (PST)
Received: from cm13.websitewelcome.com (cm13.websitewelcome.com [100.42.49.6]) by gateway34.websitewelcome.com (Postfix) with ESMTP id DF4FB1D4AE for <bug-net-ssleay [...] rt.cpan.org>; Mon, 11 Dec 2017 20:31:55 -0600 (CST)
Received: from gator4129.hostgator.com ([192.185.4.141]) by cmsmtp with SMTP id OaMNe5km0BUMKOaMNeIm89; Mon, 11 Dec 2017 20:31:55 -0600
Received: from 135.35.96.58.static.exetel.com.au ([58.96.35.135]:38772 helo=zulu.localnet) by gator4129.hostgator.com with esmtpsa (TLSv1.2:ECDHE-RSA-AES256-GCM-SHA384:256) (Exim 4.89) (envelope-from <mikem [...] airspayce.com>) id 1eOaMN-000Tzb-7W for bug-Net-SSLeay [...] rt.cpan.org; Mon, 11 Dec 2017 20:31:55 -0600
Delivered-To: cpan-bug+net-ssleay [...] hipster.bestpractical.com
Subject: Re: [rt.cpan.org #121192] memory leaks in OCSP handling - patch included
Date: Tue, 12 Dec 2017 12:31:53 +1000
X-PMX-Spam: Gauge=IIIIIIII, Probability=8%, Report=' HTML_00_01 0.05, HTML_00_10 0.05, BODYTEXTP_SIZE_3000_LESS 0, BODY_SIZE_1000_LESS 0, BODY_SIZE_2000_LESS 0, BODY_SIZE_5000_LESS 0, BODY_SIZE_600_699 0, BODY_SIZE_7000_LESS 0, INVALID_MSGID_NO_FQDN 0, IN_REP_TO 0, LEGITIMATE_SIGNS 0, MSG_THREAD 0, REFERENCES 0, SPF_NEUTRAL 0, URI_ENDS_IN_HTML 0, __ANY_URI 0, __BOUNCE_CHALLENGE_SUBJ 0, __BOUNCE_NDR_SUBJ_EXEMPT 0, __CP_URI_IN_BODY 0, __CT 0, __CTE 0, __CT_TEXT_PLAIN 0, __FORWARDED_MSG 0, __FRAUD_ANTIABUSE 0, __HAS_FROM 0, __HAS_MSGID 0, __HTTPS_URI 0, __IN_REP_TO 0, __MIME_TEXT_ONLY 0, __MIME_TEXT_P 0, __MIME_TEXT_P1 0, __MIME_VERSION 0, __MULTIPLE_URI_TEXT 0, __NO_HTML_TAG_RAW 0, __REFERENCES 0, __SANE_MSGID 0, __SUBJ_ALPHA_END 0, __SUBJ_ALPHA_NEGATE 0, __TO_MALFORMED_2 0, __TO_NO_NAME 0, __URI_IN_BODY 0, __URI_NOT_IMG 0, __URI_NS , __URI_WITHOUT_PATH 0, __URI_WITH_PATH 0, __blackholes.mail-abuse.org_TIMEOUT , __zen.spamhaus.org_ERROR '
X-Spam-Level:
X-PMX-Version: 5.6.1.2065439, Antispam-Engine: 2.7.2.376379, Antispam-Data: 2017.12.12.22116
X-Bwhitelist: no
To: bug-Net-SSLeay [...] rt.cpan.org
Content-Transfer-Encoding: 7Bit
X-Source:
X-Source-Args:
In-Reply-To: <rt-4.0.18-15139-1513021628-1251.121192-5-0 [...] rt.cpan.org>
X-Spam-Status: No, score=-5 tagged_above=-99.9 required=10 tests=[AWL=0.121, BAYES_00=-1.9, FROM_OUR_RT=-4, SPF_NEUTRAL=0.779] autolearn=ham
X-Source-Dir:
X-RT-Interface: API
X-Local-Domain: yes
References: <RT-Ticket-121192 [...] rt.cpan.org> <rt-4.0.18-15954-1492371659-965.121192-5-0 [...] rt.cpan.org> <rt-4.0.18-15139-1513021628-1251.121192-5-0 [...] rt.cpan.org>
Message-ID: <1690694.TWasKeLLkC [...] zulu>
X-Source-Auth: mikem [...] airspayce.com
X-Antiabuse: This header was added to track abuse, please include it with any abuse report
X-Antiabuse: Primary Hostname - gator4129.hostgator.com
X-Antiabuse: Original Domain - rt.cpan.org
X-Antiabuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-Antiabuse: Sender Address Domain - airspayce.com
Organization: AirSpayce Pty Ltd
X-Source-Ip: 58.96.35.135
Return-Path: <mikem [...] airspayce.com>
X-RT-Mail-Extension: net-ssleay
X-Original-To: cpan-bug+net-ssleay [...] hipster.bestpractical.com
X-Exim-ID: 1eOaMN-000Tzb-7W
X-Email-Count: 1
From: Mike McCauley <mikem [...] airspayce.com>
RT-Message-ID: <rt-4.0.18-8829-1513045977-422.121192-0-0 [...] rt.cpan.org>
Content-Length: 655
Download (untitled) / with headers
text/plain 655b
Hmmm, somehow this patch got lost. Its now in SVN 510 and wuill be in the next release. Sorry. Cheers. On Tuesday, December 12, 2017 5:47:10 AM AEST Todd Rinaldo via RT wrote: Show quoted text
> Queue: Net-SSLeay > Ticket <URL: https://rt.cpan.org/Ticket/Display.html?id=121192 > > > On Sun Apr 16 15:40:59 2017, mikem@airspayce.com wrote:
> > Thanks. It will be a few weeks before I can test and apply this. > > > > Cheers
> > Is this request still outstanding?
-- Mike McCauley VK4AMM mikem@airspayce.com Airspayce Pty Ltd 9 Bulbul Place Currumbin Waters QLD 4223 Australia http://www.airspayce.com Phone +61 7 5598-7474


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.