Out of memory problem with pinentry-qt

Ingo Klöcker kloecker@kde.org
Fri Apr 18 13:44:02 2003


--Boundary-02=_wA+n+YFwGSIOQKf
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Content-Description: signed data
Content-Disposition: inline

On Thursday 17 April 2003 01:45, Steffen Hansen wrote:
> * Ingo Kl=F6cker <kloecker@kde.org> [Apr 16. 2003 07:32]:
> > pinentry-qt has a serious "Out of memory" problem. To reproduce run
> > pinentry-qt, enter "getpin" and then move the mouse a few times
> > over the buttons (I'm using Keramik style, maybe that's important).
> > You will get the following output:
[snip]
> >
> > A possible reason could be a memory leak in the Keramik style. My
> > radical solution to make pinentry-qt stable was to #ifdef 0 the
> > whole code of pinentry/qt/cppmemory.cpp and the two occurrences of
> > is_secure in pinentry/qt/main.cpp. Of course now pinentry-qt
> > doesn't use secure memory anymore but as pinentry-qt wasn't suid
> > root the memory was anyway not secure. Or was it?
>
> You are right. On Linux you unfortunately need to be root to call
> mlock(). Which version of pinentry do you use btw? The version in CVS
> only overrides new[] and delete[] with secure mem. versions, because
> those are the operators that QString uses for the string data.
> Non-array objects are allocated with the regular new operator.

The current cvs version doesn't run out of memory anymore. You should=20
release a new version of pinentry since the last "stable" version=20
definitely has the out-of-memory problem which sometimes causes crashes=20
as soon as the user moves the mouse over the OK button.

Regards,
Ingo


--Boundary-02=_wA+n+YFwGSIOQKf
Content-Type: application/pgp-signature
Content-Description: signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)

iD8DBQA+n+AwGnR+RTDgudgRAnLVAKDJ8nl5Wd8k5neMbsRsbrFuKet2FACgmBWN
ecRJYLhNnFA46FIs4fknDkA=
=sjiK
-----END PGP SIGNATURE-----

--Boundary-02=_wA+n+YFwGSIOQKf--