2.5.7 gnutls_x509_privkey_generate() returns GNUTLS_E_INVALID_REQUEST

Sam Varshavchik mrsam at courier-mta.com
Mon Sep 22 04:17:20 CEST 2008


Nikos Mavrogiannopoulos writes:

> Fix commited. Thank you!

I ran other parts of my app with valgrind compiled against the 2.5.8 
tarball, and I found three more leaks.

The first one:

==1980== 264 (72 direct, 192 indirect) bytes in 3 blocks are definitely lost in loss record 5 of 11
==1980==    at 0x4A0739E: malloc (vg_replace_malloc.c:207)
==1980==    by 0x31584081D0: do_malloc (global.c:558)
==1980==    by 0x31584083D8: _gcry_malloc (global.c:582)
==1980==    by 0x31584083FF: _gcry_xmalloc (global.c:717)
==1980==    by 0x31584443A9: _gcry_mpi_alloc (mpiutil.c:53)
==1980==    by 0x315844138A: _gcry_mpi_scan (mpicoder.c:357)
==1980==    by 0x3158409D44: _gcry_sexp_nth_mpi (sexp.c:691)
==1980==    by 0x4C7600D: _wrap_gcry_pk_sign (pk-libgcrypt.c:380)
==1980==    by 0x4C5E86E: _gnutls_pkcs1_rsa_encrypt (gnutls_pk.c:147)
==1980==    by 0x4C68835: _gnutls_sign (gnutls_sig.c:234)
==1980==    by 0x4C9F601: pkcs1_rsa_sign (sign.c:160)
==1980==    by 0x4C9F86C: _gnutls_x509_sign (sign.c:226)
==1980==    by 0x4C9FACA: _gnutls_x509_sign_tbs (sign.c:290)
==1980==    by 0x4C9FCD5: _gnutls_x509_pkix_sign (sign.c:348)
==1980==    by 0x4CAADC9: gnutls_x509_crt_sign2 (x509_write.c:666)

I think the problem here is in _wrap_gcry_pk_sign(). Line 380:

    res[0] = gcry_sexp_nth_mpi (list, 1, 0);

The return value from gcry_sexp_nth_mpi() appears to be the leak, because on 
a succesful return, this value never gets deallocated.  Also, I see that in 
line 345-367, res[0] and res[1] gets allocated in this fashion, but never 
get allocated. I see all these cleanup deallocations in the cleanup: block, 
at the end of the function, and I see that a number of error paths lead 
there even after the corresponding object is already deallocated. If 
_gnutls_mpi_release() and gcry_sexp_release() can be safely called on an 
object that they've already deallocated, it'll probably be easier just to 
remove the return 0 statement, and let cleanup: handle whatever's not been 
deallocated already.

The second leak:

==1980== 564 bytes in 18 blocks are definitely lost in loss record 7 of 11
==1980==    at 0x4A0739E: malloc (vg_replace_malloc.c:207)
==1980==    by 0x4C8B7E4: _gnutls_x509_write_value (common.c:1071)
==1980==    by 0x4C925E7: set_extension (extensions.c:305)
==1980==    by 0x4C92A71: _gnutls_x509_crt_set_extension (extensions.c:432)

This one's easy.  _gnutls_x509_write_value():

  val.data = gnutls_malloc (asize);     // <----- The allocated memory
  if (val.data == NULL)
    {
      gnutls_assert ();
      result = GNUTLS_E_MEMORY_ERROR;
      goto cleanup;
    }
    
  if (str)
  {
     // Not important

  }
  else
    {
      val.data = data->data;     // <----------- Leaks the malloced pointer
      val.size = data->size;
    }


The third leak:

==1980== 2,370 (504 direct, 1,866 indirect) bytes in 9 blocks are definitely lost in loss record 10 of 11
==1980==    at 0x4A05174: calloc (vg_replace_malloc.c:397)
==1980==    by 0x3158C0A211: (within /usr/lib64/libtasn1.so.3.0.14)
==1980==    by 0x3158C0A3F2: (within /usr/lib64/libtasn1.so.3.0.14)
==1980==    by 0x3158C0A5C2: (within /usr/lib64/libtasn1.so.3.0.14)
==1980==    by 0x3158C0A7E8: asn1_create_element (in /usr/lib64/libtasn1.so.3.0.14)
==1980==    by 0x4C88228: _gnutls_x509_encode_and_write_attribute (dn.c:665)
==1980==    by 0x4C88D42: _gnutls_x509_set_dn_oid (dn.c:915)
==1980==    by 0x4CAA02B: gnutls_x509_crt_set_dn_by_oid (x509_write.c:74)

In _gnutls_x509_encode_and_write_attribute(), there appears to be multiple 
execution paths -- including the successful execution fails, that does not 
call "asn1_delete_structure (&c2)" in order to release what was allocated on 
line 665 by calling asn1_create_element(). Looks like 
asn1_delete_structure(&c2) needs to be shoved right before the comment on 
line 716, after asn1_write_value() succeeds.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: </pipermail/attachments/20080921/36d705eb/attachment.pgp>


More information about the Gnutls-devel mailing list