GnuTLS leaks a file descriptor in _gnutls_psk_pwd_find_entry()
Simon Josefsson
simon at josefsson.org
Thu Apr 3 10:00:44 CEST 2008
Laurence Withers <l at lwithers.me.uk> writes:
> Hi,
>
> I've found that GnuTLS leaks a file descriptor in
> _gnutls_psk_pwd_find_entry() (from src/lib/auth_psk_pwd.c). On line
> 175, we see a call to open a file:
>
> FILE* fd;
> /* ... */
> fd = fopen (cred->password_file, "r");
>
> However, there is no associated call to fclose. The attached patch,
> against version 2.2.2, adds a call to fclose() in each of the possible
> exit paths.
>
> I have tested it with the application in which I noticed the leak; the
> leak no longer occurs. The patch also applies cleanly against 2.3.4,
> although I did not perform a runtime test.
Hi! Thanks for the report, I applied the patch both to gnutls_2_2_x and
master.
Thanks,
/Simon
> Bye for now,
> --
> Laurence Withers, <l at lwithers.me.uk> -- jabber:l at jabber.lwithers.me.uk
> http://www.lwithers.me.uk/ tel:+447753988197
>
> --- gnutls-2.2.2/lib/auth_psk_passwd.c.old 2008-04-02 18:00:52.000000000 +0000
> +++ gnutls-2.2.2/lib/auth_psk_passwd.c 2008-04-02 18:01:35.000000000 +0000
> @@ -195,11 +195,14 @@
> if (ret < 0)
> {
> gnutls_assert ();
> + fclose (fd);
> return GNUTLS_E_SRP_PWD_ERROR;
> }
> + fclose (fd);
> return 0;
> }
> }
> + fclose (fd);
>
> /* user was not found. Fake him.
> * the last index found and randomize the entry.
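Review bot: the three fclose (fd) calls, one before each return inside the loop and one after it, repeat the cleanup per exit path, so any return added later between the fopen and the end of the function will leak the descriptor again. Consider setting a result variable and leaving through one exit point that closes fd once. The hunk starts at line 195 while the fopen is reported at line 175, so any return between those lines is not visible here and should be checked for the same leak.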
>
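As an added illustration (not GnuTLS code and not part of the original thread): a lookup over a "username:key" file that closes the file at one point for every outcome, with a check that the lowest free descriptor number does not move after repeated calls. The names find_entry, lowest_free_fd and leak_check, the file layout and the sample entries are assumptions made for this example.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Hypothetical lookup in a "username:key" file: 0 found, 1 not found, -1 error. */
static int find_entry(const char *path, const char *user, char *key, size_t keylen)
{
    char line[256];
    size_t ulen = strlen(user);
    int ret = 1;
    FILE *fp = fopen(path, "r");
    if (fp == NULL) return -1;          /* nothing opened, nothing to close */
    while (fgets(line, sizeof line, fp) != NULL) {
        if (strncmp(line, user, ulen) != 0 || line[ulen] != ':')
            continue;
        line[strcspn(line, "\r\n")] = '\0';
        ret = strlen(line + ulen + 1) < keylen ? 0 : -1;  /* -1: key too long */
        if (ret == 0)
            strcpy(key, line + ulen + 1);
        break;
    }
    fclose(fp);                         /* the only close, reached by every outcome */
    return ret;
}

/* open() returns the lowest unused descriptor, so a rising value means a leak. */
static int lowest_free_fd(void)
{
    int fd = open("/dev/null", O_RDONLY);
    if (fd >= 0) close(fd);
    return fd;
}

/* Writes a constructed sample file, drives all three outcomes repeatedly and
 * returns how far the lowest free descriptor moved (0 means no leak). */
static int leak_check(const char *path)
{
    char key[64];
    FILE *fp = fopen(path, "w");
    if (fp == NULL) return -1;
    fputs("alice:0a1b2c\nbob:ffee\n", fp);           /* constructed entries */
    fclose(fp);
    int before = lowest_free_fd();
    for (int i = 0; i < 100; i++) {
        find_entry(path, "bob", key, sizeof key);    /* found */
        find_entry(path, "carol", key, sizeof key);  /* not found */
        find_entry(path, "alice", key, 2);           /* error: buffer too small */
    }
    return lowest_free_fd() - before;
}
```

Removing the fclose line makes leak_check return 300 instead of 0, which is how the leak would show up in a long-running process before it runs out of descriptors.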