[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Possibly memory leak in ssh_pki_import_pubkey_blob() ?
[Thread Prev] | [Thread Next]
- Subject: Re: Possibly memory leak in ssh_pki_import_pubkey_blob() ?
- From: Jakub Jelen <jjelen@xxxxxxxxxx>
- Reply-to: libssh@xxxxxxxxxx
- Date: Wed, 2 Jul 2025 21:09:10 +0200
- To: libssh@xxxxxxxxxx
Hi, thank you for the report. The OpenSSL backend involved a lot of refactoring and cleanup over the last years and its possible the 0.10 branch has still some uncaight memory leaks. Frankly speaking, they are not of high priority now. I tried to backport what made sense, but this probably did not made it. If you are still interested in getting this fixed, please open an issue on gitlab and we will see what we can do: https://gitlab.com/libssh/libssh-mirror/-/issues But using the latest release (now 0.11), is your best bet, unless you need to support something old. Jakub On Mon, Jun 30, 2025 at 5:17 PM <g4-lisz@xxxxxxxxxxxx> wrote: > Now I tried with the latest source tarball (libssh-0.11.2) and the issue > has disappeared. > > So I guess this was a problem with libssh 0.10.4 and not with libcrypto... > > June 30, 2025 12:35 AM, g4-lisz@xxxxxxxxxxxx wrote: > > Hi there, > > I'm running my application with valgrind and always end with some lost > blocks. > > With --leak-check=full I get this errors: > > ==1885125== 128 (96 direct, 32 indirect) bytes in 4 blocks are definitely > lost in loss record 9 of 16 > ==1885125== at 0x4848899: malloc (in > /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) > ==1885125== by 0x4F1179D: CRYPTO_zalloc (in > /usr/lib/x86_64-linux-gnu/libcrypto.so.3) > ==1885125== by 0x4E42E13: BN_new (in > /usr/lib/x86_64-linux-gnu/libcrypto.so.3) > ==1885125== by 0x49363EC: ssh_make_string_bn (bignum.c:77) > ==1885125== by 0x4977D18: pki_pubkey_build_rsa (pki_crypto.c:1778) > ==1885125== by 0x4964869: pki_import_pubkey_buffer (pki.c:1389) > ==1885125== by 0x496523B: ssh_pki_import_pubkey_blob (pki.c:1704) > ==1885125== by 0x49317CF: ssh_agent_get_next_ident (agent.c:448) > ==1885125== by 0x4933756: ssh_userauth_agent (auth.c:981) > ==1885125== by 0x4933A4E: ssh_userauth_publickey_auto (auth.c:1121) > > Or > > ==1885125== 128 (96 direct, 32 indirect) bytes in 4 blocks are definitely > lost in loss record 8 of 16 > ==1885125== at 0x4848899: malloc (in > /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so) > ==1885125== by 0x4F1179D: CRYPTO_zalloc (in > /usr/lib/x86_64-linux-gnu/libcrypto.so.3) > ==1885125== by 0x4E42E13: BN_new (in > /usr/lib/x86_64-linux-gnu/libcrypto.so.3) > ==1885125== by 0x49363EC: ssh_make_string_bn (bignum.c:77) > ==1885125== by 0x4977D18: pki_pubkey_build_rsa (pki_crypto.c:1778) > ==1885125== by 0x4964869: pki_import_pubkey_buffer (pki.c:1389) > ==1885125== by 0x496523B: ssh_pki_import_pubkey_blob (pki.c:1704) > ==1885125== by 0x494725A: ssh_dh_import_next_pubkey_blob (dh.c:289) > ==1885125== by 0x4946746: ssh_packet_client_curve25519_reply > (curve25519.c:296) > ==1885125== by 0x495F343: ssh_packet_process (packet.c:1494) > ==1885125== by 0x495ECB8: ssh_packet_socket_callback (packet.c:1336) > > Or maybe this is an issue with libcrypto? > I compiled my program on PopOS (Ubuntu), which uses openssl libssl3 > 3.0.2-0ubuntu1.19 > And libssh version is 0.10.4, compiled from source package. > > For a simple application I would not worry about this, but this will be a > deamon running 24/7 and opening many SSH connections. > > Cheers, > Till > > > > > >
Archive administrator: postmaster@lists.cynapses.org