| From: | Michael Paquier <michael(at)paquier(dot)xyz> |
|---|---|
| To: | Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org> |
| Subject: | Possible memory leak in pgcrypto with EVP_MD_CTX |
| Date: | 2020-10-15 07:22:12 |
| Message-ID: | 20201015072212.GC2305@paquier.xyz |
| Views: | Raw Message | Whole Thread | Download mbox | Resend email |
| Thread: | |
| Lists: | pgsql-hackers |
Hi all,
It happens that pgcrypto has the following leak if a digest cannot be
initialized:
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -202,6 +202,7 @@ px_find_digest(const char *name, PX_MD **res)
}
if (EVP_DigestInit_ex(ctx, md, NULL) == 0)
{
+ EVP_MD_CTX_destroy(ctx);
pfree(digest);
return -1;
}
That's a bit annoying, because this memory is allocated directly by
OpenSSL, and Postgres does not know how to free it until it gets
registered in the list of open_digests that would be used by the
cleanup callback, so I think that we had better back-patch this fix.
Thoughts?
--
Michael
| Attachment | Content-Type | Size |
|---|---|---|
| pgcrypto-leak.patch | text/x-diff | 354 bytes |
| From | Date | Subject | |
|---|---|---|---|
| Next Message | Dilip Kumar | 2020-10-15 07:31:49 | Re: Logical replication CPU-bound with TRUNCATE/DROP/CREATE many tables |
| Previous Message | Masahiko Sawada | 2020-10-15 07:15:51 | Re: Add Information during standby recovery conflicts |