classification
Title: Memory leak in SSLSocket.getpeercert() with 0-length AIA extension
Type: Stage: resolved
Components: Versions: Python 3.6, Python 3.5, Python 2.7
process
Status: closed Resolution: fixed
Dependencies: Superseder:
Assigned To: Nosy List: alex, benjamin.peterson, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou, python-dev
Priority: normal Keywords: needs review, patch

Created on 2015-11-07 15:28 by alex, last changed 2015-11-14 23:15 by python-dev. This issue is now closed.

Files
File name Uploaded Description Edit
aia.diff alex, 2015-11-07 15:28 review
Messages (2)
msg254275 - (view) Author: Alex Gaynor (alex) * (Python committer) Date: 2015-11-07 15:28
Test.

Put this certificate in a file:

-----BEGIN CERTIFICATE-----
MIICjTCCAXWgAwIBAgIBADANBgkqhkiG9w0BAQsFADAAMB4XDTE1MTEwNzE1MTAw
NVoXDTE1MTEwNzE1MTAwNVowADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiZ3rzOM1m6toThRtkwgZzjuVVdapwU63yoXmp91f14pfO1z5XIkVAP1Sz/
nK5Ti95LRmgPOzbIQHyNv2k2IOIbHL52y4AwWTa2G1EF3NvD9Tp6Zs85GFf7T5/N
WnlqHHPZhAHpgHL2xjBWnnhVojDm6fgxE6OI0aFarLlO0FBs3PLgIoxY4RRPVYaz
toP9G8ezbdGWGhaCqKO+ZjrCoQ2JNIdk4WsuGrZbCnGvGzFm+uhvs68IbJM4Mfm6
mAO85UfjdHsyacs5MYYsb7GyzrkGnLwWNcK5NdZiJwzwxBYpbchj5hYIsYjIVAL6
0BE4qG7wnJcHq1rvBeNgp7fP06kCAwEAAaMSMBAwDgYIKwYBBQUHAQEEAjAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBS+2YG56erPLavJ3PvP+DekHOuIakT3l6GCiDGsufO
owdPxqsUZcCHlYjn6E50dLoKN0N6ECoKB0bIsA2EuwY08MSgtD4dA93jTXsdvWcX
2QMIM11LIGLyJIZRgUeMdHAbsb9qdpWFXX6smDGLBBKHCIFwu/4qSXU+Gf5d2DMl
edMDMkbgv3B8Q+7pCi7AgUOaZXPTbpHCdYnT2t+z3gNgyiXBH5wJNkrkK5tmawNb
88+Kxa00mbYoSEPaz7E/zBB/W1NpoZCOgEq4t9Uuk7hm10htbKoyM7FxVpBEJkPE
XpUdSNdClrHN36j1iB1NeFuOlxNVbD5FtMXx/wgX0B28
-----END CERTIFICATE-----


And run this script:

import _ssl

def main():
    while True:
        _ssl._test_decode_cert("/path/to/cert.pem")

main()


Patch is attached
msg254673 - (view) Author: Roundup Robot (python-dev) (Python triager) Date: 2015-11-14 23:15
New changeset 79abea02a569 by Benjamin Peterson in branch '2.7':
fix possible memory lea k in _get_aia_uri (closes #25578)
https://hg.python.org/cpython/rev/79abea02a569

New changeset bddc5491d0fb by Benjamin Peterson in branch '3.4':
fix possible memory lea k in _get_aia_uri (closes #25578)
https://hg.python.org/cpython/rev/bddc5491d0fb

New changeset 6c733337afae by Benjamin Peterson in branch '3.5':
merge 3.4 (#25578)
https://hg.python.org/cpython/rev/6c733337afae

New changeset 858cb1538531 by Benjamin Peterson in branch 'default':
merge 3.5 (#25578)
https://hg.python.org/cpython/rev/858cb1538531
History
Date User Action Args
2015-11-14 23:15:17python-devsetstatus: open -> closed

nosy: + python-dev
messages: + msg254673

resolution: fixed
stage: resolved
2015-11-14 13:55:18alexsetnosy: + benjamin.peterson
2015-11-07 15:28:36alexcreate