Bug 796302 - gnutls 2.12.14 leaks memory, needs an update
Summary: gnutls 2.12.14 leaks memory, needs an update
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: gnutls
Version: 16
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Tomas Mraz
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2012-02-22 16:25 UTC by Sam Varshavchik
Modified: 2012-03-26 17:53 UTC (History)

Fixed In Version: gnutls-2.12.14-2.fc16
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2012-03-26 03:57:27 UTC
Type: ---



Description Sam Varshavchik 2012-02-22 16:25:31 UTC
Description of problem:

Memory leak.

Version-Release number of selected component (if applicable):

gnutls-2.12.14-1.fc16

How reproducible:

Always.

Steps to Reproduce:

1. Use gnutls_x509_privkey_generate(). Discard the private key properly, after usage.
  
Actual results:

Valgrind complains:

==22137==    at 0x4A074CD: malloc (vg_replace_malloc.c:236)
==22137==    by 0x33E2809490: do_malloc (global.c:770)
==22137==    by 0x33E280A3C8: _gcry_malloc (global.c:792)
==22137==    by 0x33E280A70E: _gcry_xmalloc (global.c:946)
==22137==    by 0x33E2851A99: _gcry_mpi_alloc (mpiutil.c:51)
==22137==    by 0x3F70C918F6: wrap_gcry_pk_generate_params (pk.c:736)
==22137==    by 0x3F70C2FDEA: _generate_params (gnutls_pk.c:531)
==22137==    by 0x3F70C6D1E9: gnutls_x509_privkey_generate (privkey.c:1488)

Additional info:

Looking at the code, the leak is obvious. This already appears to be fixed upstream, in the current release, so an update would be in order.

Comment 1 Tomas Hoger 2012-02-22 16:57:57 UTC
Do you refer to tmp in _rsa_generate_params?

It seems it was added in:
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=d4a4643dbe1bd739e55706fa4affaf10aae1dfa9#patch3

but got broken shortly after:
http://git.savannah.gnu.org/gitweb/?p=gnutls.git;a=commitdiff;h=bab8c93bf9501e0eece9d99b491987c83b998e26#patch1

and does not seem fixed upstream in 2.12.x.

Any good use case where keys are generated in long running process?  Sounds more like a bug.

Comment 2 Sam Varshavchik 2012-02-22 17:31:00 UTC
I do see that it's still there in 2.12.x series. I looked at the wrong snapshot initially.

Any server session that supports export-grade RSA calls gnutls_rsa_params_generate2(), which calls gnutls_x509_privkey_generate().

The use case here would be servers that support export-grade RSA and use a per-session set of RSA keys; rather than generating them once for their entire lifetime. That does not seem unreasonable.

Comment 3 Tomas Hoger 2012-03-07 17:52:06 UTC
Quoting from:

  http://www.gnu.org/software/gnutls/manual/gnutls.html#Parameter-generation

  The ciphersuites that involve the RSA-EXPORT key exchange require additional
  parameters. Those ciphersuites are rarely used today because they are by
  design insecure, thus if you have no requirement for them, the rest of this
  section can be skipped.

Export ciphers are disabled by default.  Hence the impact still seems rather limited.  We can report this to upstream privately, but it seems ok to report that via upstream devel list (I believe you already reported some other leak there recently).

Once this issue is fixed upstream, we can push the fix to Fedora.  Tomas M., do you agree?

Comment 4 Tomas Mraz 2012-03-07 18:42:38 UTC
Yes, sure.

Comment 5 Tomas Mraz 2012-03-08 17:17:00 UTC
I sent a mail with a patch to the upstream devel mailing list.

And I decided to build a new package with the fix in rawhide.

Comment 6 Tomas Hoger 2012-03-08 17:38:36 UTC
(In reply to comment #5)
> I sent a mail with a patch to the upstream devel mailing list.

http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5922

Looks like Sam managed to beat you by a bit:

http://thread.gmane.org/gmane.comp.encryption.gpg.gnutls.devel/5921

Comment 7 Tomas Mraz 2012-03-08 17:46:10 UTC
At least I've added a few more leak fixes - albeit in error paths only. :)

Comment 9 Fedora Update System 2012-03-23 17:12:24 UTC
gnutls-2.12.14-2.fc16 has been submitted as an update for Fedora 16.
https://admin.fedoraproject.org/updates/gnutls-2.12.14-2.fc16

Comment 10 Fedora Update System 2012-03-24 00:27:42 UTC
Package gnutls-2.12.14-2.fc16:
* should fix your issue,
* was pushed to the Fedora 16 testing repository,
* should be available at your local mirror within two days.
Update it with:
# su -c 'yum update --enablerepo=updates-testing gnutls-2.12.14-2.fc16'
as soon as you are able to.
Please go to the following url:
https://admin.fedoraproject.org/updates/FEDORA-2012-4578/gnutls-2.12.14-2.fc16
then log in and leave karma (feedback).

Comment 11 Fedora Update System 2012-03-26 03:57:27 UTC
gnutls-2.12.14-2.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

Comment 12 Fedora Update System 2012-03-26 17:53:51 UTC
gnutls-2.12.14-2.fc16 has been pushed to the Fedora 16 stable repository.  If problems still persist, please make note of it in this bug report.

