Description of problem: In the following code in m2crypto-0.16/SWIG/_aes.i 59 /* 60 // op == 0: decrypt 61 // otherwise: encrypt (Python code will supply the value 1.) 62 */ 63 PyObject *AES_crypt(const AES_KEY *key, PyObject *in, int outlen, int op) { 64 const void *buf; 65 int len; 66 unsigned char *out; 67 68 if (PyObject_AsReadBuffer(in, &buf, &len) == -1) 69 return NULL; 70 71 if (!(out=(unsigned char *)PyMem_Malloc(outlen))) { 72 PyErr_SetString(PyExc_MemoryError, "AES_crypt"); 73 return NULL; 74 } 75 if (op == 0) 76 AES_encrypt((const unsigned char *)in, out, key); 77 else 78 AES_decrypt((const unsigned char *)in, out, key); 79 return PyString_FromStringAndSize(out, outlen); 80 } A buffer of "outlen" bytes is claimed as "out" at line 71: 71 if (!(out=(unsigned char *)PyMem_Malloc(outlen))) { but it is never freed (assuming I'm reading this correctly), thus leaking "outlen" bytes each time. Version-Release number of selected component (if applicable): m2crypto-0.16-6.el5.6
Leak still present in latest upstream code: http://svn.osafoundation.org/m2crypto/trunk/SWIG/_aes.i
Thanks for your report, filed upstream as https://bugzilla.osafoundation.org/show_bug.cgi?id=12999 .
Technical note added. If any revisions are required, please edit the "Technical Notes" field accordingly. All revisions will be proofread by the Engineering Content Services team. New Contents: Prior to this update, the AES_crypt() function did not free a temporary buffer. This caused a memory leak when the function was called repeatedly. This problem has been fixed and the AES_crypt() function now frees memory correctly.
An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on therefore solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2011-1058.html