Skip to content

Comments

Fix memory leaks in CA related functions.#4700

Closed
PavelKopyl wants to merge 1 commit intoopenssl:masterfrom
PavelKopyl:fix_memory_leaks
Closed

Fix memory leaks in CA related functions.#4700
PavelKopyl wants to merge 1 commit intoopenssl:masterfrom
PavelKopyl:fix_memory_leaks

Conversation

@PavelKopyl
Copy link
Contributor

@PavelKopyl PavelKopyl commented Nov 8, 2017

Fix memory leaks in CA related functions.
CLA: trivial

Checklist
  • documentation is added or updated
  • tests are added or updated

@mattcaswell
Copy link
Member

mattcaswell commented Nov 8, 2017

@PavelKopyl do you think you could submit a CLA please? I think we are starting to stray beyond the "trivial" exception.

@PavelKopyl
Copy link
Contributor Author

PavelKopyl commented Nov 8, 2017

Ok, I'll start an approval to sign the CLA, but it may take some time.

@mattcaswell
Copy link
Member

mattcaswell commented Nov 8, 2017

If this is a corporate contribution then you will need to send both a CCLA from your company and an ICLA for yourself.

@mattcaswell mattcaswell added the hold: cla required The contributor needs to submit a license agreement label Nov 9, 2017
@openssl-machine openssl-machine removed the hold: cla required The contributor needs to submit a license agreement label Jan 16, 2018
mattcaswell
mattcaswell requested changes Jan 24, 2018
View reviewed changes
Copy link
Member

@mattcaswell mattcaswell left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Looks good. Which branches does this apply to aside from master? 1.1.0? 1.0.2?

apps/ca.c Outdated
Copy link
Member

@mattcaswell mattcaswell Jan 24, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Shouldn't we also free x here too?

Copy link
Contributor Author

@PavelKopyl PavelKopyl Jan 28, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Yes, you're right.

Copy link
Contributor Author

@PavelKopyl PavelKopyl Jan 28, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Some changes are required to apply it to 1.1.0 and 1.0.2. I'll make appropriate pull requests.

@mattcaswell mattcaswell added this to the 1.1.1 milestone Jan 24, 2018
richsalz
richsalz approved these changes Mar 7, 2018
View reviewed changes
crypto/engine/eng_lib.c
item = int_cleanup_item(cb);
if (item)
sk_ENGINE_CLEANUP_ITEM_push(cleanup_stack, item);
if (item) {
Copy link
Contributor

@richsalz richsalz Mar 7, 2018

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Should that be tested against NULL? Not worth delaying this PR if it will take awhile to get around to fixing that nit.

@mattcaswell
Copy link
Member

mattcaswell commented Mar 21, 2018

Looks like this is in need of a rebase.

@levitte
Copy link
Member

levitte commented Apr 19, 2018

The conflict in apps/ca.c is this:

<<<<<<< HEAD
    if (ok != 1) {
=======
    if (irow != NULL || ok <= 0) {
>>>>>>> Fix memory leaks in CA related functions.

As far as I can see, we can simply drop the apps/ca.c change and use the rest. If a merge can be approved under those conditions, I can do it.

richsalz
richsalz approved these changes Apr 19, 2018
View reviewed changes
Copy link
Contributor

@richsalz richsalz left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

You'll keep the first ca.c change, right?
And can you fix my "test against NULL" nit?
Approved either way.

levitte pushed a commit that referenced this pull request May 2, 2018
@levitte
Fix memory leaks in CA related functions.
aebd0e5 
Reviewed-by: Rich Salz <[email protected]>
Reviewed-by: Richard Levitte <[email protected]>
(Merged from #4700)
@levitte
Copy link
Member

levitte commented May 2, 2018

Merged into master / 1.1.1, with the test against NULL nit fixed.

aebd0e5 Fix memory leaks in CA related functions.

@levitte
Copy link
Member

levitte commented May 2, 2018

This doesn't cherry-pick cleanly to 1.1.0, although that's only because of a small nit, 1.1.0 has an assertion that isn't in 1.1.1:

diff --cc crypto/conf/conf_api.c
index 5535416ab3,9606b7f222..0000000000
--- a/crypto/conf/conf_api.c
+++ b/crypto/conf/conf_api.c
@@@ -204,7 -204,8 +204,12 @@@ CONF_VALUE *_CONF_new_section(CONF *con
      v->value = (char *)sk;
  
      vv = lh_CONF_VALUE_insert(conf->data, v);
++<<<<<<< HEAD
 +    OPENSSL_assert(vv == NULL);
++=======
+     if (vv != NULL || lh_CONF_VALUE_error(conf->data) > 0)
+         goto err;
++>>>>>>> aebd0e5ca1... Fix memory leaks in CA related functions.
      return v;
  
   err:

Porting this to 1.0.2 is more extensive.

@mspncp
Copy link
Contributor

mspncp commented May 12, 2018

@levitte, this pr was merged to master in aebd0e5. Can it be closed now, or do you still intend to do some backporting?

This was referenced May 12, 2018
Closed
Closed
@levitte
Copy link
Member

levitte commented May 12, 2018

See #6237 and #6238

@levitte
Copy link
Member

levitte commented Jun 21, 2018

The backports are merged, closing this.

@levitte levitte closed this Jun 21, 2018
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@mattcaswell mattcaswell mattcaswell requested changes

+1 more reviewer

@richsalz richsalz richsalz approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

1.1.1

Development

Successfully merging this pull request may close these issues.

6 participants

@PavelKopyl @mattcaswell @levitte @mspncp @richsalz @openssl-machine