Memory leak in 2.xx

Sam Varshavchik mrsam at courier-mta.com
Thu Mar 8 14:21:54 CET 2012


In 2.12.14 _rsa_generate_params() has a stray "tmp = _gnutls_mpi_alloc_like  
(resarr[0]);". The malloc-ed memory never gets freed.

Looks like this code is gone in 3.x, so only 2.x is impacted.

This is called from gnutls_x509_privkey_generate(). A long-running  
application that keeps creating private keys, for temporary use, and  
destroying them after use, will end up leaking memory. This is also in the  
code path for temporary RSA parameter generation when using export-grade RSA  
keys. This will also leak memory.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: not available
URL: </pipermail/attachments/20120308/09b856b7/attachment.pgp>


More information about the Gnutls-devel mailing list