[gnutls-devel] Memory leak in print_aia in lib/x509/output.c

Ben de Graaff ben at nx3d.org
Sun Nov 24 01:00:10 CET 2013


The print_aia function in lib/x509/output.c (called via e.g.
gnutls_x509_crt_print) calls gnutls_x509_crt_get_authority_info_access
but never frees the data if this call is successful. This results in a
memory leak.

Bug requires authority info access to be present, and exists in version
3.2.6 and latest git.

Attached is sample code that triggers the memory leak.
Compile with e.g.:
gcc memleak.c -o memleak -std=c99 -Werror -Wall -Wextra -pedantic
-lgnutls && valgrind --leak-check=full ./memleak

-------------- next part --------------
A non-text attachment was scrubbed...
Name: memleak.c
Type: text/x-csrc
Size: 1244 bytes
Desc: not available
URL: </pipermail/attachments/20131124/d019a216/attachment-0001.c>


More information about the Gnutls-devel mailing list