[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Possible memory leaks (pki_crypto.c)
[Thread Prev] | [Thread Next]
- Subject: Possible memory leaks (pki_crypto.c)
- From: alvesfonseca@xxxxxxxxxxxx
- Reply-to: libssh@xxxxxxxxxx
- Date: Thu, 02 Oct 2014 15:10:38 -0300
- To: libssh@xxxxxxxxxx
Hi folks, I was experimenting libssh and I faced an issue when implementing a client application using 0.6.3 and Openssl. Meanwhile the server (I had also implemented) worked fine, my client was not releasing chunks of memory. After some days of painstakingly debugging, I realized that pki_signature_from_blob (reached only by the client-side) was not releasing memory correctly. After analizing the function, I found that DSA_SIG_new() and ECDSA_SIG_new() alloc the bignumbers used to represent the corresponding signatures. However, when using Openssl, the function make_string_bn() allocs bignumbers and overwrites the ones previously allocated by the *_SIG_new() functions. As a workaround, I just "ugly" patched my code to copy bignumbers content (and not overwrite the pointers already allocated). I recommend our crypto experts collaborators to check this issue. And thank you for the excellent work! Tiago Alves painstakingly debugging
| Re: Possible memory leaks (pki_crypto.c) | Jon Simons <jon@xxxxxxxxxxxxx> |