Message148154
_ssl.c has a memory leak in _get_peer_alt_names.
The `names' object is initialized here:
Modules/_ssl.c:601:
if (method->it)
names = (GENERAL_NAMES*)
(ASN1_item_d2i(NULL,
&p,
ext->value->length,
ASN1_ITEM_ptr(method->it)));
else
names = (GENERAL_NAMES*)
(method->d2i(NULL,
&p,
ext->value->length));
However, `names' is not freed after use, so it simply leaks.
Trivial patch:
--- a/Modules/_ssl.c 2011-09-03 12:16:46.000000000 -0400
+++ b/Modules/_ssl.c 2011-11-22 19:41:12.000000000 -0400
@@ -679,6 +679,8 @@
}
Py_DECREF(t);
}
+
+ sk_GENERAL_NAME_pop_free(names, GENERAL_NAME_free);
}
BIO_free(biobuf);
if (peer_alt_names != Py_None) {
I tested this with a private certificate containing a subjectAltName field, and the following code:
import ssl, socket
sock = ssl.wrap_socket(socket.socket(), cert_reqs=ssl.CERT_REQUIRED)
sock.connect(('localhost', 443))
for i in range(100000):
x=sock._sslobj.peer_certificate()
Before this change, Python's memory usage would continually increase to about 45MB at the end of the loop. After this change, the memory usage stays constant at around 6MB. |
|
Date |
User |
Action |
Args |
2011-11-22 23:46:25 | nneonneo | set | recipients:
+ nneonneo |
2011-11-22 23:46:25 | nneonneo | set | messageid: <1322005585.35.0.144896453023.issue13458@psf.upfronthosting.co.za> |
2011-11-22 23:46:24 | nneonneo | link | issue13458 messages |
2011-11-22 23:46:24 | nneonneo | create | |
|