Re: BUG #2260: PGCrypto Memory Problem

On Wed, Feb 15, 2006 at 03:02:45PM -0500, Tom Lane wrote:
> Michael Fuhr <mike(at)fuhr(dot)org> writes:
> > My non-OpenSSL build shows no memory leak, so the leak and OpenSSL
> > seem to be correlated. I'd be more inclined to suspect a bug in
> > pgcrypto's OpenSSL-specific code than in OpenSSL itself. Will keep
> > digging.
>
> The problem appears to be here:
>
> static void
> digest_finish(PX_MD * h, uint8 *dst)
> {
> EVP_MD_CTX *ctx = (EVP_MD_CTX *) h->p.ptr;
> const EVP_MD *md = EVP_MD_CTX_md(ctx);
>
> EVP_DigestFinal(ctx, dst, NULL);
>
> /*
> * Some builds of 0.9.7x clear all of ctx in EVP_DigestFinal. Fix it by
> * reinitializing ctx.
> */
> EVP_DigestInit(ctx, md);
> }
>
> It looks like this results in a leak of the entire OpenSSL context for
> each call to pg_crypt. Marko, I trust you've got a better solution for
> this ...

Seems it's another bug in OpenSSL backwards compatibility code.
'man EVP_DigestInit':

0.9.7g:

EVP_DigestFinal() is similar to EVP_DigestFinal_ex()
except the digest context ctx is automatically cleaned up.

0.9.6c:

EVP_DigestFinal() retrieves the digest value from ctx
and places it in md. If the s parameter is not NULL then the
number of bytes of data written (i.e. the length of the digest)
will be written to the integer at s, at most EVP_MAX_MD_SIZE
bytes will be written. After calling EVP_DigestFinal() no
additional calls to EVP_DigestUpdate() can be made, but
EVP_DigestInit() can be called to initialize a new digest
operation.

But I have planned converting it to newer *_ex interface,
I just didn't bother as I hoped OpenSSL compatibility code
works fine. Seems they don't do much testing of older
interfaces, so the fix should be conversion of digest
functions to newer interface.

I'll send a patch ASAP.

--
marko