Bug #9743 (closed)
memory leak in openssl ossl_pkey_verify leaks memory
Description
Repeated calls to pub_key.verify(digest, signature, data) leak memory.
From what I can gather from the OpenSSL documentation, there seems to be a missing call to EVP_MD_CTX_cleanup().
FILE: ossl_pkey.c
326 EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
327 switch (EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey)) {
328 case 0:
from the openssl docs:
http://www.openssl.org/docs/crypto/EVP_VerifyInit.html
The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.
Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak will occur.
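A regression check for the leak described above, added here as an example (it is not code from this ticket or from Ruby's test suite): it repeats pub_key.verify and measures resident-set growth, since a leak in native OpenSSL allocations does not show up in Ruby's GC statistics. The helper names, iteration count and per-call limit are assumptions chosen for illustration.

```ruby
require "openssl"

# Resident set size of this process in KiB: /proc on Linux, ps elsewhere.
def rss_kib
  if File.readable?("/proc/self/status")
    File.read("/proc/self/status")[/^VmRSS:\s+(\d+)/, 1].to_i
  else
    `ps -o rss= -p #{Process.pid}`.to_i
  end
end

# RSS growth in KiB across `iterations` runs of the block. The warm-up lets
# one-time allocations (algorithm caches, heap pages) settle before sampling.
def rss_growth_kib(iterations, warmup: 2_000)
  warmup.times { yield }
  GC.start
  before = rss_kib
  iterations.times { yield }
  GC.start
  rss_kib - before
end

# Repeats pub_key.verify(digest, signature, data) and reports native growth.
# Assumption: a digest context leaked on every call costs roughly 100 bytes
# or more, so the default limit of 64 bytes per call sits below that.
def verify_leak_check(iterations: 50_000, limit_bytes_per_call: 64)
  pkey = OpenSSL::PKey::RSA.new(2048)       # constructed throwaway key
  data = "constructed sample message"       # constructed input
  digest = OpenSSL::Digest.new("SHA256")
  signature = pkey.sign(digest, data)
  pub_key = pkey.public_key

  all_verified = true
  growth = rss_growth_kib(iterations) do
    all_verified &&= pub_key.verify(digest, signature, data)
  end
  per_call = growth * 1024.0 / iterations
  { verified: all_verified, growth_kib: growth,
    bytes_per_call: per_call.round(1),
    leaking: per_call > limit_bytes_per_call }
end
```

Keep the iteration count modest on slow builders, since each iteration is a full RSA verification.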
Updated by nobu (Nobuyoshi Nakada) over 10 years ago
- Status changed from Open to Closed
- % Done changed from 0 to 100
Applied in changeset r45595.
ossl_pkey.c: fix memory leak
- ext/openssl/ossl_pkey.c (ossl_pkey_verify): as EVP_VerifyFinal() finalizes only a copy of the digest context, the context must be cleaned up after initialization by EVP_MD_CTX_cleanup() or a memory leak will occur. [ruby-core:62038] [Bug #9743]
Updated by nobu (Nobuyoshi Nakada) over 10 years ago
- Description updated (diff)
- Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN to 1.9.3: REQUIRED, 2.0.0: REQUIRED, 2.1: REQUIRED
Updated by nagachika (Tomoyuki Chikanaga) over 10 years ago
- Backport changed from 1.9.3: REQUIRED, 2.0.0: REQUIRED, 2.1: REQUIRED to 1.9.3: REQUIRED, 2.0.0: REQUIRED, 2.1: DONE
r45595 was backported into ruby_2_1 at r45821.
Updated by usa (Usaku NAKAMURA) over 10 years ago
- Backport changed from 1.9.3: REQUIRED, 2.0.0: REQUIRED, 2.1: DONE to 1.9.3: REQUIRED, 2.0.0: DONE, 2.1: DONE
backported into ruby_2_0_0 at r45868.
Updated by usa (Usaku NAKAMURA) over 10 years ago
- Related to Backport #9746: backport r45595 added
Updated by vo.x (Vit Ondruch) over 10 years ago
This is causing test suite timeout on Fedora Rawhide ARM builder :/
https://kojipkgs.fedoraproject.org//work/tasks/4012/7074012/build.log
Updated by vo.x (Vit Ondruch) over 10 years ago
- Related to Bug #9984: OpenSSL::TestPKeyRSA#test_sign_verify_memory_leak timeouts on ARM added
Updated by zzak (zzak _) almost 10 years ago
- Status changed from Closed to Open
- Assignee set to zzak (zzak _)
- ruby -v changed from 2.1.1 to 2.2.0
Seeing this test failure on travis:
https://travis-ci.org/zzak/openssl/jobs/48587976
I think we should re-open this ticket until it's resolved.
Updated by zzak (zzak _) over 9 years ago
- Status changed from Open to Closed
The failure has been fixed, so we can close this ticket.