Possible memory leak in pgcrypto with EVP_MD_CTX

From: Michael Paquier <michael(at)paquier(dot)xyz>
To: Postgres hackers <pgsql-hackers(at)lists(dot)postgresql(dot)org>
Subject: Possible memory leak in pgcrypto with EVP_MD_CTX
Date: 2020-10-15 07:22:12
Message-ID: 20201015072212.GC2305@paquier.xyz
Views: Raw Message | Whole Thread | Download mbox | Resend email
Lists: pgsql-hackers

Hi all,

It happens that pgcrypto has the following leak if a digest cannot be
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -202,6 +202,7 @@ px_find_digest(const char *name, PX_MD **res)
if (EVP_DigestInit_ex(ctx, md, NULL) == 0)
+ EVP_MD_CTX_destroy(ctx);
return -1;

That's a bit annoying, because this memory is allocated directly by
OpenSSL, and Postgres does not know how to free it until it gets
registered in the list of open_digests that would be used by the
cleanup callback, so I think that we had better back-patch this fix.


Attachment Content-Type Size
pgcrypto-leak.patch text/x-diff 354 bytes


Browse pgsql-hackers by date

  From Date Subject
Next Message Dilip Kumar 2020-10-15 07:31:49 Re: Logical replication CPU-bound with TRUNCATE/DROP/CREATE many tables
Previous Message Masahiko Sawada 2020-10-15 07:15:51 Re: Add Information during standby recovery conflicts