GnuTLS leaks a file descriptor in _gnutls_psk_pwd_find_entry()
Laurence Withers
l at lwithers.me.uk
Wed Apr 2 20:15:36 CEST 2008
Hi,
I've found that GnuTLS leaks a file descriptor in
_gnutls_psk_pwd_find_entry() (from src/lib/auth_psk_pwd.c) . On line
175, we see a call to open a file:
FILE* fd;
/* ... */
fd = fopen (cred->password_file, "r");
However, there is no associated call to fclose. The attached patch,
against version 2.2.2, adds a call to fclose() in each of the possible
exit paths.
I have tested it with the application in which I noticed the leak; the
leak no longer occurs. The patch also applies cleanly against 2.3.4,
although I did not perform a runtime test.
Bye for now,
--
Laurence Withers, <l at lwithers.me.uk> -- jabber:l at jabber.lwithers.me.uk
http://www.lwithers.me.uk/ tel:+447753988197
-------------- next part --------------
A non-text attachment was scrubbed...
Name: gnutls-2.2.2-fix-fd-leak.patch
Type: text/x-diff
Size: 444 bytes
Desc: not available
URL: </pipermail/attachments/20080402/2939f8f3/attachment.patch>
More information about the Gnutls-devel
mailing list