GnuTLS leaks a file descriptor in _gnutls_psk_pwd_find_entry()

Simon Josefsson simon at josefsson.org
Thu Apr 3 10:00:44 CEST 2008


Laurence Withers <l at lwithers.me.uk> writes:

> Hi,
>
> I've found that GnuTLS leaks a file descriptor in 
> _gnutls_psk_pwd_find_entry() (from src/lib/auth_psk_pwd.c) . On line 
> 175, we see a call to open a file:
>
>   FILE* fd;
>   /* ... */
>   fd = fopen (cred->password_file, "r");
>
> However, there is no associated call to fclose. The attached patch, 
> against version 2.2.2, adds a call to fclose() in each of the possible 
> exit paths.
>
> I have tested it with the application in which I noticed the leak; the 
> leak no longer occurs. The patch also applies cleanly against 2.3.4, 
> although I did not perform a runtime test.

Hi!  Thanks for the report, I applied the patch both to gnutls_2_2_x and
master.

Thanks,
/Simon

> Bye for now,
> -- 
> Laurence Withers, <l at lwithers.me.uk>  --  jabber:l at jabber.lwithers.me.uk
> http://www.lwithers.me.uk/                             tel:+447753988197
>
> --- gnutls-2.2.2/lib/auth_psk_passwd.c.old	2008-04-02 18:00:52.000000000 +0000
> +++ gnutls-2.2.2/lib/auth_psk_passwd.c	2008-04-02 18:01:35.000000000 +0000
> @@ -195,11 +195,14 @@
>  	  if (ret < 0)
>  	    {
>  	      gnutls_assert ();
> +	      fclose (fd);
>  	      return GNUTLS_E_SRP_PWD_ERROR;
>  	    }
> +	  fclose (fd);
>  	  return 0;
>  	}
>      }
> +  fclose (fd);
>  
>    /* user was not found. Fake him. 
>     * the last index found and randomize the entry.
>
> _______________________________________________
> Gnutls-devel mailing list
> Gnutls-devel at gnu.org
> http://lists.gnu.org/mailman/listinfo/gnutls-devel





More information about the Gnutls-devel mailing list