[openssl-commits] [openssl] OpenSSL_1_1_1-stable update
The branch OpenSSL_1_1_1-stable has been updated via 492f70645ca912d82af02b9bc06e9472bf0730a0 (commit) from 781378dacaac8357e8df5b3ab5e811962dd72bc2 (commit) - Log - commit 492f70645ca912d82af02b9bc06e9472bf0730a0 Author: Corey Minyard Date: Mon Jan 21 17:47:02 2019 +1000 Fix a memory leak in the mem bio If you use a BIO and set up your own buffer that is not freed, the memory bio will leak the BIO_BUF_MEM object it allocates. The trouble is that the BIO_BUF_MEM is allocated and kept around, but it is not freed if BIO_NOCLOSE is set. The freeing of BIO_BUF_MEM was fairly confusing, simplify things so mem_buf_free only frees the memory buffer and free the BIO_BUF_MEM in mem_free(), where it should be done. Alse add a test for a leak in the memory bio Setting a memory buffer caused a leak. Signed-off-by: Corey Minyard Reviewed-by: Bernd Edlinger Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8051) (cherry picked from commit c6048af23c577bcf85f15122dd03b65f959c9ecb) --- Summary of changes: crypto/bio/bss_mem.c | 24 ++ test/bio_memleak_test.c| 54 ++ test/build.info| 6 ++- .../{04-test_err.t => 90-test_bio_memleak.t} | 2 +- 4 files changed, 74 insertions(+), 12 deletions(-) create mode 100644 test/bio_memleak_test.c copy test/recipes/{04-test_err.t => 90-test_bio_memleak.t} (87%) diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index e0a97c3..26caa65 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -20,7 +20,7 @@ static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int mem_new(BIO *h); static int secmem_new(BIO *h); static int mem_free(BIO *data); -static int mem_buf_free(BIO *data, int free_all); +static int mem_buf_free(BIO *data); static int mem_buf_sync(BIO *h); static const BIO_METHOD mem_method = { @@ -140,10 +140,20 @@ static int secmem_new(BIO *bi) static int mem_free(BIO *a) { -return mem_buf_free(a, 1); +BIO_BUF_MEM *bb; + +if (a == NULL) +return 0; + +bb = (BIO_BUF_MEM *)a->ptr; +if (!mem_buf_free(a)) +return 0; +OPENSSL_free(bb->readp); +OPENSSL_free(bb); +return 1; } -static int mem_buf_free(BIO *a, int free_all) +static int mem_buf_free(BIO *a) { if (a == NULL) return 0; @@ -155,11 +165,6 @@ static int mem_buf_free(BIO *a, int free_all) if (a->flags & BIO_FLAGS_MEM_RDONLY) b->data = NULL; BUF_MEM_free(b); -if (free_all) { -OPENSSL_free(bb->readp); -OPENSSL_free(bb); -} -a->ptr = NULL; } return 1; } @@ -266,11 +271,10 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) } break; case BIO_C_SET_BUF_MEM: -mem_buf_free(b, 0); +mem_buf_free(b); b->shutdown = (int)num; bbm->buf = ptr; *bbm->readp = *bbm->buf; -b->ptr = bbm; break; case BIO_C_GET_BUF_MEM_PTR: if (ptr != NULL) { diff --git a/test/bio_memleak_test.c b/test/bio_memleak_test.c new file mode 100644 index 000..36680e3 --- /dev/null +++ b/test/bio_memleak_test.c @@ -0,0 +1,54 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#include +#include +#include +#include + +#include "testutil.h" + +static int test_bio_memleak(void) +{ +int ok = 0; +BIO *bio; +BUF_MEM bufmem; +const char *str = "BIO test\n"; +char buf[100]; + +bio = BIO_new(BIO_s_mem()); +if (bio == NULL) +goto finish; +bufmem.length = strlen(str) + 1; +bufmem.data = (char *) str; +bufmem.max = bufmem.length; +BIO_set_mem_buf(bio, , BIO_NOCLOSE); +BIO_set_flags(bio, BIO_FLAGS_MEM_RDONLY); + +if (BIO_read(bio, buf, sizeof(buf)) <= 0) + goto finish; + +ok = strcmp(buf, str) == 0; + +finish: +BIO_free(bio); +return ok; +} + +int global_init(void) +{ +CRYPTO_set_mem_debug(1); +CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); +return 1; +} + +int setup_tests(void) +{ +ADD_TEST(test_bio_memleak); +return 1; +} diff --git a/test/build.info b/test/build.info index 3ab09ac..fdf0a3c 100644 --- a/test/build.info +++ b/test/build.info @@ -41,7 +41,7 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=MAIN packettest asynctest secmemtest srptest memleaktest stack_test \
[openssl-commits] [openssl] master update
The branch master has been updated via c6048af23c577bcf85f15122dd03b65f959c9ecb (commit) from 37842dfaebcf28b4ca452c6abd93ebde1b4aa6dc (commit) - Log - commit c6048af23c577bcf85f15122dd03b65f959c9ecb Author: Corey Minyard Date: Mon Jan 21 17:47:02 2019 +1000 Fix a memory leak in the mem bio If you use a BIO and set up your own buffer that is not freed, the memory bio will leak the BIO_BUF_MEM object it allocates. The trouble is that the BIO_BUF_MEM is allocated and kept around, but it is not freed if BIO_NOCLOSE is set. The freeing of BIO_BUF_MEM was fairly confusing, simplify things so mem_buf_free only frees the memory buffer and free the BIO_BUF_MEM in mem_free(), where it should be done. Alse add a test for a leak in the memory bio Setting a memory buffer caused a leak. Signed-off-by: Corey Minyard Reviewed-by: Bernd Edlinger Reviewed-by: Paul Dale (Merged from https://github.com/openssl/openssl/pull/8051) --- Summary of changes: crypto/bio/bss_mem.c | 24 ++ test/bio_memleak_test.c| 54 ++ test/build.info| 6 ++- .../{04-test_err.t => 90-test_bio_memleak.t} | 4 +- 4 files changed, 75 insertions(+), 13 deletions(-) create mode 100644 test/bio_memleak_test.c copy test/recipes/{04-test_err.t => 90-test_bio_memleak.t} (70%) diff --git a/crypto/bio/bss_mem.c b/crypto/bio/bss_mem.c index ee9ea91..89c54b2 100644 --- a/crypto/bio/bss_mem.c +++ b/crypto/bio/bss_mem.c @@ -20,7 +20,7 @@ static long mem_ctrl(BIO *h, int cmd, long arg1, void *arg2); static int mem_new(BIO *h); static int secmem_new(BIO *h); static int mem_free(BIO *data); -static int mem_buf_free(BIO *data, int free_all); +static int mem_buf_free(BIO *data); static int mem_buf_sync(BIO *h); static const BIO_METHOD mem_method = { @@ -140,10 +140,20 @@ static int secmem_new(BIO *bi) static int mem_free(BIO *a) { -return mem_buf_free(a, 1); +BIO_BUF_MEM *bb; + +if (a == NULL) +return 0; + +bb = (BIO_BUF_MEM *)a->ptr; +if (!mem_buf_free(a)) +return 0; +OPENSSL_free(bb->readp); +OPENSSL_free(bb); +return 1; } -static int mem_buf_free(BIO *a, int free_all) +static int mem_buf_free(BIO *a) { if (a == NULL) return 0; @@ -155,11 +165,6 @@ static int mem_buf_free(BIO *a, int free_all) if (a->flags & BIO_FLAGS_MEM_RDONLY) b->data = NULL; BUF_MEM_free(b); -if (free_all) { -OPENSSL_free(bb->readp); -OPENSSL_free(bb); -} -a->ptr = NULL; } return 1; } @@ -266,11 +271,10 @@ static long mem_ctrl(BIO *b, int cmd, long num, void *ptr) } break; case BIO_C_SET_BUF_MEM: -mem_buf_free(b, 0); +mem_buf_free(b); b->shutdown = (int)num; bbm->buf = ptr; *bbm->readp = *bbm->buf; -b->ptr = bbm; break; case BIO_C_GET_BUF_MEM_PTR: if (ptr != NULL) { diff --git a/test/bio_memleak_test.c b/test/bio_memleak_test.c new file mode 100644 index 000..36680e3 --- /dev/null +++ b/test/bio_memleak_test.c @@ -0,0 +1,54 @@ +/* + * Copyright 2018 The OpenSSL Project Authors. All Rights Reserved. + * + * Licensed under the OpenSSL license (the "License"). You may not use + * this file except in compliance with the License. You can obtain a copy + * in the file LICENSE in the source distribution or at + * https://www.openssl.org/source/license.html + */ +#include +#include +#include +#include + +#include "testutil.h" + +static int test_bio_memleak(void) +{ +int ok = 0; +BIO *bio; +BUF_MEM bufmem; +const char *str = "BIO test\n"; +char buf[100]; + +bio = BIO_new(BIO_s_mem()); +if (bio == NULL) +goto finish; +bufmem.length = strlen(str) + 1; +bufmem.data = (char *) str; +bufmem.max = bufmem.length; +BIO_set_mem_buf(bio, , BIO_NOCLOSE); +BIO_set_flags(bio, BIO_FLAGS_MEM_RDONLY); + +if (BIO_read(bio, buf, sizeof(buf)) <= 0) + goto finish; + +ok = strcmp(buf, str) == 0; + +finish: +BIO_free(bio); +return ok; +} + +int global_init(void) +{ +CRYPTO_set_mem_debug(1); +CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON); +return 1; +} + +int setup_tests(void) +{ +ADD_TEST(test_bio_memleak); +return 1; +} diff --git a/test/build.info b/test/build.info index 962af11..2e17a5f 100644 --- a/test/build.info +++ b/test/build.info @@ -42,7 +42,7 @@ INCLUDE_MAIN___test_libtestutil_OLB = /INCLUDE=main packettest asynctest secmemtest srptest memleaktest stack_test \ dtlsv1listentest ct_test threadstest afalgtest d2i_test \ ssl_test_ctx_test ssl_test x509aux
[openssl-commits] Still FAILED build of OpenSSL branch master with options -d --strict-warnings no-dso
Platform and configuration command: $ uname -a Linux run 4.4.0-135-generic #161-Ubuntu SMP Mon Aug 27 10:45:01 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux $ CC=clang ../openssl/config -d --strict-warnings no-dso Commit log since last time: 37842dfaeb Add missing EVP_MD documentation 69738dadcd s_client: Add basic proxy authentication support Build log ended with (last 100 lines): ../../openssl/test/recipes/30-test_pkey_meth.t ok ../../openssl/test/recipes/30-test_pkey_meth_kdf.t ok ../../openssl/test/recipes/40-test_rehash.t ... ok ../../openssl/test/recipes/60-test_x509_check_cert_pkey.t . ok ../../openssl/test/recipes/60-test_x509_dup_cert.t ok ../../openssl/test/recipes/60-test_x509_store.t ... ok ../../openssl/test/recipes/60-test_x509_time.t ok ../../openssl/test/recipes/70-test_asyncio.t .. ok ../../openssl/test/recipes/70-test_bad_dtls.t . ok ../../openssl/test/recipes/70-test_clienthello.t .. ok ../../openssl/test/recipes/70-test_comp.t . skipped: test_comp needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_key_share.t skipped: test_key_share needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_packet.t ... ok ../../openssl/test/recipes/70-test_recordlen.t ok ../../openssl/test/recipes/70-test_renegotiation.t skipped: test_renegotiation needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_servername.t ... ok ../../openssl/test/recipes/70-test_sslcbcpadding.t skipped: test_sslcbcpadding needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslcertstatus.t skipped: test_sslcertstatus needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslextension.t . skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslmessages.t .. skipped: test_sslmessages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslrecords.t ... skipped: test_sslrecords needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsessiontick.t ... skipped: test_sslsessiontick needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsigalgs.t ... skipped: test_sslsigalgs needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslsignature.t . skipped: test_sslsignature needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslskewith0p.t . skipped: test_sslskewith0p needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslversions.t .. skipped: test_sslversions needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_sslvertol.t skipped: test_sslextension needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13alerts.t .. skipped: test_tls13alerts needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13cookie.t .. skipped: test_tls13cookie needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13downgrade.t ... skipped: test_tls13downgrade needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13hrr.t . skipped: test_tls13hrr needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13kexmodes.t skipped: test_tls13kexmodes needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13messages.t skipped: test_tls13messages needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tls13psk.t . skipped: test_tls13psk needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_tlsextms.t . skipped: test_tlsextms needs the dynamic engine feature enabled ../../openssl/test/recipes/70-test_verify_extra.t . ok ../../openssl/test/recipes/70-test_wpacket.t .. ok ../../openssl/test/recipes/80-test_ca.t ... ok ../../openssl/test/recipes/80-test_cipherbytes.t .. ok ../../openssl/test/recipes/80-test_cipherlist.t ... ok ../../openssl/test/recipes/80-test_ciphername.t ... ok ../../openssl/test/recipes/80-test_cms.t .. ok ../../openssl/test/recipes/80-test_cmsapi.t ... ok ../../openssl/test/recipes/80-test_ct.t ... ok ../../openssl/test/recipes/80-test_dane.t . ok ../../openssl/test/recipes/80-test_dtls.t . ok ../../openssl/test/recipes/80-test_dtls_mtu.t . ok