I am having real trouble tracking down a memory leak when using RSA
certificates via the MSCrypto interface. I have already fixed one error
in the WinCAPICryptoKeyRSA() destructor.. (see previous thread). But
memory is still being leaked when DSIGSignature::verify() gets called.
Steps used .. To reproduce behaviour are simple
A) I Load a document digitally signed by RSA private key
B) Install the certificate into the Windows key store
C) Use the WINCAPI interface to load the certificate
The leak happens when DSIGSignature::verify() is called. It does not
matter verification is successful or not. I can provide a test driver
and source to reproduce the behaviour.
Has anybody got any ideas ... ? Where to look next.
I am using the very latest version of XSEC (dloaded from CVS on the 14th
Oct 05)
// change ~WinCAPICryptoKeyRSA and comment out the sig->verify() and no
leaks occur
// uncomment out sig->verify() and memory is leaked
XercesDOMParser parser;
parser.setDoNamespaces(true);
parser.setCreateEntityReferenceNodes(true);
parser.setDoSchema(true);
MemBufInputSource *memIS = new MemBufInputSource((const XMLByte
*)buffer, bufferLen, "XSECMem", false);
parser.parse(*memIS);
delete memIS; // destroy as soon as possible
if(parser.getErrorCount() > 0)
exit(1);
// Now create a signature object to validate the document
XSECProvider prov;
DSIGSignature *sig = prov.newSignatureFromDOM(parser.getDocument());
sig->registerIdAttributeName(config.idAttributeName);
sig->registerIdAttributeNameNS(config.idAttributeNS,
config.idAttributeName);
sig->load();
XSECCryptoKey *clone = X509->clonePublicKey();
sig->setSigningKey(clone);
sig->verify(); // leak here.. With the
WinCAPICryptoKeyRSA::~WinCAPICryptoKeyRSA() fix in place
// commenting out sig->verify()
stops leaks.
prov.releaseSignature(sig);
