New submission from Robert Xiao <nneon...@gmail.com>:
_ssl.c has a memory leak in _get_peer_alt_names.
The `names' object is initialized here:
Modules/_ssl.c:601:
if (method->it)
names = (GENERAL_NAMES*)
(ASN1_item_d2i(NULL,
&p,
ext->value->length,
ASN1_ITEM_ptr(method->it)));
else
names = (GENERAL_NAMES*)
(method->d2i(NULL,
&p,
ext->value->length));
However, `names' is not freed after use, so it simply leaks.
Trivial patch:
--- a/Modules/_ssl.c 2011-09-03 12:16:46.000000000 -0400
+++ b/Modules/_ssl.c 2011-11-22 19:41:12.000000000 -0400
@@ -679,6 +679,8 @@
}
Py_DECREF(t);
}
+
+ sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
}
BIO_free(biobuf);
if (peer_alt_names != Py_None) {
I tested this with a private certificate containing a subjectAltName field, and
the following code:
import ssl, socket
sock = ssl.wrap_socket(socket.socket(), cert_reqs=ssl.CERT_REQUIRED)
sock.connect(('localhost', 443))
for i in range(100000):
x=sock._sslobj.peer_certificate()
Before this change, Python's memory usage would continually increase to about
45MB at the end of the loop. After this change, the memory usage stays constant
at around 6MB.
----------
components: Library (Lib)
messages: 148154
nosy: nneonneo
priority: normal
severity: normal
status: open
title: _ssl memory leak in _get_peer_alt_names
type: resource usage
versions: Python 3.2
_______________________________________
Python tracker <rep...@bugs.python.org>
<http://bugs.python.org/issue13458>
_______________________________________
_______________________________________________
Python-bugs-list mailing list
Unsubscribe:
http://mail.python.org/mailman/options/python-bugs-list/archive%40mail-archive.com
