libdime icon indicating copy to clipboard operation
libdime copied to clipboard
verified publisher icon lavabit

memory leaks in ssl.c

Open MegaManSec opened this issue 11 years ago • 2 comments

the following lines leak 'ocsp'(I'm not going to put the "ands", because there are so many)

892 return 1; 833 return 0; 830 RET_ERROR_INT(ERR_UNSPEC, "OCSP validity check failed"); 799 return 0; 796 RET_ERROR_INT(ERR_UNSPEC, "basic OCSP response verification failed"); 780 return 0; 777 RET_ERROR_INT(ERR_UNSPEC, "basic OCSP response verification failed"); 761 RET_ERROR_INT(ERR_UNSPEC, "unable to verify OCSP response because of certificate store error"); 749 RET_ERROR_INT(ERR_UNSPEC, "OCSP verification failed because of response nonce mismatch");

740 RET_ERROR_INT(ERR_UNSPEC, "unable to inspect basic OCSP response details"); 724 return 1; 706 RET_ERROR_INT(ERR_UNSPEC, "could not complete OCSP verification because of unknown error in retrieving response");

699 RET_ERROR_INT(ERR_UNSPEC, "could not complete OCSP verification because of unknown error in setting request");

687 RET_ERROR_INT(ERR_UNSPEC, "could not complete OCSP verification because of unknown error in constructing request"); 669 RET_ERROR_INT(ERR_UNSPEC, "could not complete OCSP verification because of openssl BIO error"); 662 RET_ERROR_INT_FMT(ERR_UNSPEC, "could not establish a connection to the OCSP server at %s:%s", phost, pport);

654 RET_ERROR_INT(ERR_UNSPEC, "OCSP validation failed because nonce could not be added to request"); 647 RET_ERROR_INT(ERR_UNSPEC, "OCSP validation failed because of certificate ID add failure"); 641 RET_ERROR_INT(ERR_UNSPEC, "OCSP validation failed because of memory allocation error"); 633 RET_ERROR_INT(ERR_UNSPEC, "OCSP validation failed because of url parsing error"); 625 RET_ERROR_INT(ERR_NOMEM, "OCSP validation failed because of memory allocation problem"); 609 return 1; 598 return 1; 522 RET_ERROR_INT(ERR_UNSPEC, "unable to verify OCSP response because of certificate store error");

Woo! that took a long time.

And one more:

failing to save or free storage allocated by _add_cached_object(cidstr, &cached_stores[cached_data_ocsp], 0UL, expiration, response, 1, 0) leaks it. 878 if (strlen(cidstr) && (!_add_cached_object(cidstr, &(cached_stores[cached_data_ocsp]), 0, expiration, response, 1, 0))) {

MegaManSec avatar Dec 31 '14 06:12 MegaManSec

Thank you, I will look at the rest tomorrow.

LBiv avatar Dec 31 '14 06:12 LBiv

nearly 10 years on, should we close this?:)

MegaManSec avatar Nov 21 '23 01:11 MegaManSec