[Help-gnutls] possible memory leak in _gnutls_free_auth_info()

Thu Nov 13 21:30:20 CET 2008

Hello,

I think I found a memory leak with PSK authentication. After one
successful gnutls_handshake on a fresh session, the leaks tool on my Mac
reports the memory leaks shown below (edited for readability).

I tracked this to a missing case for GNUTLS_CRD_PSK in
_gnutls_free_auth_info() and fixed it using the attached patch. It's
against 2.6.0 but applies cleanly to 2.6.2.

before:

michael at esgaroth:~ # leaks 93514
Process 93514: 4074 nodes malloced for 104 KB
Process 93514: 4 leaks for 592 total leaked bytes.

Leak: 0x31c540  size=304	string 'michael'
	Call stack: [thread 0xa03b9fa0]: | start | main |
gnutls_handshake | _gnutls_handshake_server |

_gnutls_send_server_kx_message | gen_psk_server_kx |
_gnutls_auth_info_set | calloc | malloc_zone_calloc 

Leak: 0x31c6f0  size=144	
	Call stack: [thread 0xa03b9fa0]: | start | main |
gnutls_handshake | _gnutls_handshake_server |
_gnutls_send_server_kx_message | gen_psk_server_kx |
_gnutls_dh_set_group | _gnutls_mpi_dprint_lz | malloc |
malloc_zone_malloc 

Leak: 0x31ca80  size=128	
	Call stack: [thread 0xa03b9fa0]: | start | main |
gnutls_handshake | _gnutls_handshake_server |
_gnutls_recv_client_kx_message | proc_psk_client_kx |
_gnutls_proc_dh_common_client_kx | _gnutls_dh_set_peer_public |
_gnutls_mpi_dprint_lz | malloc | malloc_zone_malloc 

Leak: 0x300a20  size=16	string 'UUUUUUUUUUUUUUU'
	Call stack: [thread 0xa03b9fa0]: | start | main |
gnutls_handshake | _gnutls_handshake_server |
_gnutls_send_server_kx_message | gen_psk_server_kx |
_gnutls_dh_set_group | _gnutls_mpi_dprint_lz | malloc |
malloc_zone_malloc 

after:

michael at esgaroth:~ # leaks 6276
Process 6276: 4070 nodes malloced for 104 KB
Process 6276: 0 leaks for 0 total leaked bytes.
-- 
Micha
-------------- next part --------------

--- gnutls-2.6.0/lib/gnutls_auth.c.orig	2008-10-05 15:41:43.000000000 +0200
+++ gnutls-2.6.0/lib/gnutls_auth.c	2008-11-13 20:55:23.000000000 +0100
@@ -31,6 +31,8 @@
 #include <gnutls_datum.h>
 
 #include "auth_anon.h"
+#include "auth_psk.h"
+
 /* The functions here are used in order for authentication algorithms
  * to be able to retrieve the needed credentials eg public and private
  * key etc.
@@ -342,6 +344,17 @@
 
 
       break;
+    case GNUTLS_CRD_PSK:
+      {
+	psk_auth_info_t info = _gnutls_get_auth_info (session);
+
+	if (info == NULL)
+	  break;
+
+	dh_info = &info->dh;
+	_gnutls_free_dh_info (dh_info);
+      }
+      break;
     default:
       return;
 
