Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memory leak in SSLSocket.getpeercert() with 0-length AIA extension #69764

Closed
alex opened this issue Nov 7, 2015 · 2 comments
Closed

Memory leak in SSLSocket.getpeercert() with 0-length AIA extension #69764

alex opened this issue Nov 7, 2015 · 2 comments

Comments

@alex
Copy link
Member

alex commented Nov 7, 2015

BPO 25578
Nosy @pitrou, @giampaolo, @tiran, @benjaminp, @alex, @dstufft
Files
  • aia.diff
    		•

    Note: these values reflect the state of the issue at the time it was migrated and might not reflect the current state.

    Show more details

    GitHub fields:

    assignee = None
closed_at = <Date 2015-11-14.23:15:17.608>
created_at = <Date 2015-11-07.15:28:36.563>
labels = []
title = 'Memory leak in SSLSocket.getpeercert() with 0-length AIA extension'
updated_at = <Date 2015-11-14.23:15:17.605>
user = 'https://github.com/alex'

    bugs.python.org fields:

    activity = <Date 2015-11-14.23:15:17.605>
actor = 'python-dev'
assignee = 'none'
closed = True
closed_date = <Date 2015-11-14.23:15:17.608>
closer = 'python-dev'
components = []
creation = <Date 2015-11-07.15:28:36.563>
creator = 'alex'
dependencies = []
files = ['40973']
hgrepos = []
issue_num = 25578
keywords = ['patch', 'needs review']
message_count = 2.0
messages = ['254275', '254673']
nosy_count = 8.0
nosy_names = ['janssen', 'pitrou', 'giampaolo.rodola', 'christian.heimes', 'benjamin.peterson', 'alex', 'python-dev', 'dstufft']
pr_nums = []
priority = 'normal'
resolution = 'fixed'
stage = 'resolved'
status = 'closed'
superseder = None
type = None
url = 'https://bugs.python.org/issue25578'
versions = ['Python 2.7', 'Python 3.5', 'Python 3.6']
    @alex
    Copy link
    Member Author

    alex commented Nov 7, 2015

    Test.

    Put this certificate in a file:

    -----BEGIN CERTIFICATE-----
    MIICjTCCAXWgAwIBAgIBADANBgkqhkiG9w0BAQsFADAAMB4XDTE1MTEwNzE1MTAw
    NVoXDTE1MTEwNzE1MTAwNVowADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
    ggEBAKiZ3rzOM1m6toThRtkwgZzjuVVdapwU63yoXmp91f14pfO1z5XIkVAP1Sz/
    nK5Ti95LRmgPOzbIQHyNv2k2IOIbHL52y4AwWTa2G1EF3NvD9Tp6Zs85GFf7T5/N
    WnlqHHPZhAHpgHL2xjBWnnhVojDm6fgxE6OI0aFarLlO0FBs3PLgIoxY4RRPVYaz
    toP9G8ezbdGWGhaCqKO+ZjrCoQ2JNIdk4WsuGrZbCnGvGzFm+uhvs68IbJM4Mfm6
    mAO85UfjdHsyacs5MYYsb7GyzrkGnLwWNcK5NdZiJwzwxBYpbchj5hYIsYjIVAL6
    0BE4qG7wnJcHq1rvBeNgp7fP06kCAwEAAaMSMBAwDgYIKwYBBQUHAQEEAjAAMA0G
    CSqGSIb3DQEBCwUAA4IBAQBS+2YG56erPLavJ3PvP+DekHOuIakT3l6GCiDGsufO
    owdPxqsUZcCHlYjn6E50dLoKN0N6ECoKB0bIsA2EuwY08MSgtD4dA93jTXsdvWcX
    2QMIM11LIGLyJIZRgUeMdHAbsb9qdpWFXX6smDGLBBKHCIFwu/4qSXU+Gf5d2DMl
    edMDMkbgv3B8Q+7pCi7AgUOaZXPTbpHCdYnT2t+z3gNgyiXBH5wJNkrkK5tmawNb
    88+Kxa00mbYoSEPaz7E/zBB/W1NpoZCOgEq4t9Uuk7hm10htbKoyM7FxVpBEJkPE
    XpUdSNdClrHN36j1iB1NeFuOlxNVbD5FtMXx/wgX0B28
    -----END CERTIFICATE-----

    And run this script:

    import _ssl

def main():
    while True:
        _ssl._test_decode_cert("/path/to/cert.pem")

main()

    Patch is attached

    @python-dev
    Copy link
    Mannequin

    python-dev mannequin commented Nov 14, 2015

    New changeset 79abea02a569 by Benjamin Peterson in branch '2.7':
    fix possible memory lea k in _get_aia_uri (closes bpo-25578)
    https://hg.python.org/cpython/rev/79abea02a569

    New changeset bddc5491d0fb by Benjamin Peterson in branch '3.4':
    fix possible memory lea k in _get_aia_uri (closes bpo-25578)
    https://hg.python.org/cpython/rev/bddc5491d0fb

    New changeset 6c733337afae by Benjamin Peterson in branch '3.5':
    merge 3.4 (bpo-25578)
    https://hg.python.org/cpython/rev/6c733337afae

    New changeset 858cb1538531 by Benjamin Peterson in branch 'default':
    merge 3.5 (bpo-25578)
    https://hg.python.org/cpython/rev/858cb1538531

    @python-dev python-dev mannequin closed this as completed Nov 14, 2015
    @ezio-melotti ezio-melotti transferred this issue from another repository Apr 10, 2022
    Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
    Assignees
    No one assigned
    Labels
    None yet
    Projects
    None yet
    Milestone
    No milestone
    Development

    No branches or pull requests
    1 participant
    @alex