[ https://issues.apache.org/jira/browse/ZOOKEEPER-5007?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18058538#comment-18058538 ]

Arup Chauhan edited comment on ZOOKEEPER-5007 at 2/13/26 10:01 PM:
-------------------------------------------------------------------

I can take this; I'm opening a draft PR for it.

I’ll trace the ownership of the strdup(cert) buffer in {{zookeeper_init_ssl}} 
to confirm whether zookeeper_init_internal copies the parsed fields or keeps 
pointers into the buffer.

Then I’ll fix the lifetime accordingly (free immediately if copied, otherwise 
store it on the handle and free during handle teardown).

I’ll also validate with ASan or Valgrind and add a regression check if possible.


was (Author: JIRAUSER312424):
I can take this; I'm opening a draft PR for it.

I’ll trace the ownership of the strdup(cert) buffer in zookeeper_init_ssl to 
confirm whether zookeeper_init_internal copies the parsed fields or keeps 
pointers into the buffer. 

Then I’ll fix the lifetime accordingly (free immediately if copied, otherwise 
store it on the handle and free during handle teardown).

I’ll also validate with ASan or Valgrind and add a regression check if possible.

> Memory Leak in zookeeper_init_ssl
> ---------------------------------
>
>                 Key: ZOOKEEPER-5007
>                 URL: https://issues.apache.org/jira/browse/ZOOKEEPER-5007
>             Project: ZooKeeper
>          Issue Type: Bug
>          Components: c client
>    Affects Versions: 3.9.4
>            Reporter: Cyl
>            Priority: Major
>         Attachments: ssl_leak_poc.c
>
>
> The function {{zookeeper_init_ssl}} in 
> {{zookeeper-client/zookeeper-client-c/src/zookeeper.c}} allocates memory for 
> the certificate string using {{strdup}} but fails to free it before returning.
>
> File: {{zookeeper-client/zookeeper-client-c/src/zookeeper.c}}
> Function: {{zookeeper_init_ssl}} (around line 1450)
> {code:c}
> zhandle_t *zookeeper_init_ssl(const char *host, const char *cert, watcher_fn watcher,
>         int recv_timeout, const clientid_t *clientid, void *context, int flags)
> {
>     zcert_t zcert;
>     zcert.certstr = strdup(cert); // <--- LEAK: Allocated here
>     zcert.ca = strtok(zcert.certstr, ",");
>     zcert.cert = strtok(NULL, ",");
>     zcert.key = strtok(NULL, ",");
>     zcert.passwd = strtok(NULL, ",");
>     return zookeeper_init_internal(host, watcher, recv_timeout, clientid, context, flags, NULL, &zcert, NULL);
>     // <--- LEAK: zcert.certstr is never freed
> }
> {code}
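The ownership question raised in the comment above (does the callee copy the strtok'd fields, or keep pointers into the strdup() buffer?) disappears if the parsed struct owns an independent copy of each field and the handle frees them at teardown, which is the second option the comment describes. The C below is an added example, not ZooKeeper's code: owned_cert_t, handle_t, parse_cert_spec, handle_open and handle_close are hypothetical stand-ins for zcert_t, zhandle_t, zookeeper_init_ssl and the handle teardown, and the parser also keeps empty fields that strtok would silently skip.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins: owned_cert_t copies every field (nothing points
 * into a temporary strdup() buffer); handle_t owns the parsed fields and
 * releases them at teardown (the "store it on the handle" option). */
typedef struct { char *ca, *cert, *key, *passwd; } owned_cert_t;
typedef struct { owned_cert_t cert; } handle_t;

static char *dup_range(const char *begin, const char *end) {
    size_t n = (size_t)(end - begin);
    char *s = malloc(n + 1);
    if (s) { memcpy(s, begin, n); s[n] = '\0'; }
    return s;
}

void cert_spec_free(owned_cert_t *c) {
    free(c->ca); free(c->cert); free(c->key); free(c->passwd);
    memset(c, 0, sizeof *c);
}

/* Parse "ca,cert,key,passwd" without strtok: the input is left intact, empty
 * fields survive ("a,,k,p" keeps an empty cert where strtok would skip it),
 * missing trailing fields become "", and the last field takes the remainder.
 * Returns 0, or -1 with nothing owned if an allocation fails. */
int parse_cert_spec(const char *spec, owned_cert_t *out) {
    char **field[4] = { &out->ca, &out->cert, &out->key, &out->passwd };
    const char *p = spec;
    memset(out, 0, sizeof *out);
    for (int i = 0; i < 4; i++) {
        const char *end = (i < 3) ? strchr(p, ',') : NULL;
        if (!end) end = p + strlen(p);
        *field[i] = dup_range(p, end);
        if (!*field[i]) { cert_spec_free(out); return -1; }
        p = (*end == ',') ? end + 1 : end;  /* once exhausted, stay on the NUL */
    }
    return 0;
}

handle_t *handle_open(const char *cert_spec) {
    handle_t *h = calloc(1, sizeof *h);
    if (h && parse_cert_spec(cert_spec, &h->cert) != 0) { free(h); h = NULL; }
    return h;
}

/* Teardown frees exactly what handle_open() acquired. */
void handle_close(handle_t *h) {
    if (!h) return;
    cert_spec_free(&h->cert);
    free(h);
}
```

Built with -fsanitize=address or run under Valgrind, an open/close pair reports no leak, which is the kind of regression check the comment proposes.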



--
This message was sent by Atlassian Jira
(v8.20.10#820010)