classification
Title: _ssl memory leak in _get_peer_alt_names
Type: resource usage
Stage: resolved
Components: Library (Lib)
Versions: Python 3.2, Python 3.3, Python 2.7
process
Status: closed
Resolution: fixed
Dependencies:
Superseder:
Assigned To:
Nosy List: nneonneo, pitrou, python-dev
Priority: normal
Keywords: patch

Created on 2011-11-22 23:46 by nneonneo, last changed 2011-11-23 00:52 by pitrou. This issue is now closed.

Files
File name Uploaded Description
ssl.patch nneonneo, 2011-11-22 23:49
Messages (5)
msg148154 - Author: Robert Xiao (nneonneo) Date: 2011-11-22 23:46
_ssl.c has a memory leak in _get_peer_alt_names.

The `names' object is initialized here:

Modules/_ssl.c:601:
        if (method->it)
            names = (GENERAL_NAMES*)
              (ASN1_item_d2i(NULL,
                             &p,
                             ext->value->length,
                             ASN1_ITEM_ptr(method->it)));
        else
            names = (GENERAL_NAMES*)
              (method->d2i(NULL,
                           &p,
                           ext->value->length));

However, `names' is not freed after use, so it simply leaks.

Trivial patch:

--- a/Modules/_ssl.c	2011-09-03 12:16:46.000000000 -0400
+++ b/Modules/_ssl.c	2011-11-22 19:41:12.000000000 -0400
@@ -679,6 +679,8 @@
             }
             Py_DECREF(t);
         }
+
+        sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
     }
     BIO_free(biobuf);
     if (peer_alt_names != Py_None) {
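Review bot: The new sk_GENERAL_NAME_pop_free call sits at the end of the block, so it runs only when control falls through past the closing brace of the loop above it; any path that leaves that loop early would still leak names. Those paths are not visible in this hunk. If one exists, it needs the same call before it exits, or a shared cleanup label that frees names. A one-line comment at the point where names is decoded, stating that this function owns the returned stack and its elements, would also make the reason for pop_free (rather than a plain stack free) clear to the next reader.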


I tested this with a private certificate containing a subjectAltName field, and the following code:

import ssl, socket
sock = ssl.wrap_socket(socket.socket(), cert_reqs=ssl.CERT_REQUIRED)
sock.connect(('localhost', 443))
for i in range(100000):
    x=sock._sslobj.peer_certificate()

Before this change, Python's memory usage would continually increase to about 45MB at the end of the loop. After this change, the memory usage stays constant at around 6MB.
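
The measurement described above (memory climbing during the loop before the patch, flat after it) can be turned into an automated regression check. This is an added example, not part of the original report or of CPython; decode_leaky and decode_fixed are hypothetical stand-ins that allocate through libc via ctypes, and rss_bytes assumes a Linux /proc filesystem.

```python
import ctypes
import os

# Constructed stand-in for a C extension's allocations: call libc directly so
# the memory is invisible to Python's garbage collector, like `names` in _ssl.c.
_libc = ctypes.CDLL(None)
_libc.malloc.restype = ctypes.c_void_p
_libc.malloc.argtypes = [ctypes.c_size_t]
_libc.free.restype = None
_libc.free.argtypes = [ctypes.c_void_p]
_libc.memset.restype = ctypes.c_void_p
_libc.memset.argtypes = [ctypes.c_void_p, ctypes.c_int, ctypes.c_size_t]

BLOCK = 1024  # bytes allocated per call (constructed value)


def rss_bytes():
    """Current resident set size, read from /proc/self/statm (Linux only)."""
    with open("/proc/self/statm") as f:
        resident_pages = int(f.read().split()[1])
    return resident_pages * os.sysconf("SC_PAGE_SIZE")


def decode_leaky():
    """Hypothetical native call that allocates and never frees (pre-patch)."""
    p = _libc.malloc(BLOCK)
    _libc.memset(p, 0x41, BLOCK)  # touch the pages so they become resident


def decode_fixed():
    """Same allocation, released before returning (post-patch)."""
    p = _libc.malloc(BLOCK)
    _libc.memset(p, 0x41, BLOCK)
    _libc.free(p)


def rss_growth(func, iterations=20000, warmup=1000):
    """Bytes of RSS growth across `iterations` calls, after a warm-up pass."""
    for _ in range(warmup):
        func()
    before = rss_bytes()
    for _ in range(iterations):
        func()
    return rss_bytes() - before


if __name__ == "__main__":
    for f in (decode_leaky, decode_fixed):
        print(f.__name__, rss_growth(f) // 1024, "KiB")
```

Passing a function that performs the peer-certificate call from the report, in place of the stand-ins, applies the same check to a real build.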
msg148156 - Author: Robert Xiao (nneonneo) Date: 2011-11-22 23:49
Attaching patch.
msg148157 - Author: Robert Xiao (nneonneo) Date: 2011-11-22 23:51
Also applies to Python 2.7.
msg148161 - Author: Roundup Robot (python-dev) Date: 2011-11-23 00:50
New changeset 80d491aaeed2 by Antoine Pitrou in branch '3.2':
Issue #13458: Fix a memory leak in the ssl module when decoding a certificate with a subjectAltName.
http://hg.python.org/cpython/rev/80d491aaeed2

New changeset 3b5fef34c8c7 by Antoine Pitrou in branch 'default':
Issue #13458: Fix a memory leak in the ssl module when decoding a certificate with a subjectAltName.
http://hg.python.org/cpython/rev/3b5fef34c8c7

New changeset 61a5d44020cd by Antoine Pitrou in branch '2.7':
Issue #13458: Fix a memory leak in the ssl module when decoding a certificate with a subjectAltName.
http://hg.python.org/cpython/rev/61a5d44020cd
msg148162 - Author: Antoine Pitrou (pitrou) (Python committer) Date: 2011-11-23 00:52
Patch committed, thank you.
History
Date User Action Args
2011-11-23 00:52:46 pitrou set status: open -> closed; versions: + Python 3.3; messages: + msg148162; resolution: fixed; stage: resolved
2011-11-23 00:50:05 python-dev set nosy: + python-dev; messages: + msg148161
2011-11-22 23:58:00 amaury.forgeotdarc set nosy: + pitrou
2011-11-22 23:51:19 nneonneo set messages: + msg148157; versions: + Python 2.7
2011-11-22 23:49:49 nneonneo set files: + ssl.patch; keywords: + patch; messages: + msg148156
2011-11-22 23:46:24 nneonneo create