[Libguestfs] [PATCH nbdkit 4/4] crypto: Free TLS session.

Richard W.M. Jones rjones at redhat.com
Sun Dec 2 19:19:41 UTC 2018


I think attached is a better version of this patch.  In particular it
avoids setting the per-connection data until we're at the very end of
the initialization function.

Technically this is not part of the fix for the memory leak, but
nevertheless this avoids any possible case where we might call
crypto_close without a valid session along some error path.

Rich.

-- 
Richard Jones, Virtualization Group, Red Hat http://people.redhat.com/~rjones
Read my programming and virtualization blog: http://rwmj.wordpress.com
Fedora Windows cross-compiler. Compile Windows programs, test, and
build Windows installers. Over 100 libraries supported.
http://fedoraproject.org/wiki/MinGW
-------------- next part --------------
>From e88cbcacdeb485692157f229713f2e8e1d0b07de Mon Sep 17 00:00:00 2001
From: "Richard W.M. Jones" <rjones at redhat.com>
Date: Sun, 2 Dec 2018 13:33:54 +0000
Subject: [PATCH] crypto: Free TLS session.

This structure was not freed along the non-error path, both resulting
in a memory leak and providing an easy way for clients to blow up
nbdkit servers if they enable TLS support.  Ooops.

Found by valgrind.
---
 src/crypto.c | 20 ++++++++++++--------
 1 file changed, 12 insertions(+), 8 deletions(-)

diff --git a/src/crypto.c b/src/crypto.c
index 948e79e..f19f3c6 100644
--- a/src/crypto.c
+++ b/src/crypto.c
@@ -391,6 +391,10 @@ crypto_close (struct connection *conn)
     close (sockin);
   if (sockout >= 0 && sockin != sockout)
     close (sockout);
+
+  gnutls_deinit (*session);
+  free (session);
+  connection_set_crypto_session (conn, NULL);
 }
 
 /* Upgrade an existing connection to TLS.  Also this should do access
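Review bot: The new `gnutls_deinit (*session);` in crypto_close dereferences `session` with no check visible in this hunk, so the function now depends on never being installed without a valid session. The later hunk arranges that by moving `connection_set_close (conn, crypto_close)` to the end of negotiation, but the invariant is not written down here. Consider an `assert (session != NULL);` before the dereference, unless one already exists earlier in the function, or a short comment stating that crypto_close is only reachable after a successful handshake.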
@@ -476,15 +480,8 @@ crypto_negotiate_tls (struct connection *conn, int sockin, int sockout)
     goto error;
   }
 
-  /* Set up GnuTLS so it reads and writes on the raw sockets, and set
-   * up the connection recv/send/close functions so they call GnuTLS
-   * wrappers instead.
-   */
+  /* Set up GnuTLS so it reads and writes on the raw sockets. */
   gnutls_transport_set_int2 (*session, sockin, sockout);
-  connection_set_crypto_session (conn, session);
-  connection_set_recv (conn, crypto_recv);
-  connection_set_send (conn, crypto_send);
-  connection_set_close (conn, crypto_close);
 
   /* Perform the handshake. */
   debug ("starting TLS handshake");
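Review bot: The commit message describes only the leak fix, yet removing the four `connection_set_*` calls from before the handshake is a separate ordering change that it does not mention. Please add a sentence to the commit message explaining that the per-connection hooks are now installed only after the handshake succeeds and why, or split the reordering into its own commit so the leak fix can be backported on its own.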
@@ -500,6 +497,13 @@ crypto_negotiate_tls (struct connection *conn, int sockin, int sockout)
   }
   debug ("TLS handshake completed");
 
+  /* Set up the connection recv/send/close functions so they call
+   * GnuTLS wrappers instead.
+   */
+  connection_set_crypto_session (conn, session);
+  connection_set_recv (conn, crypto_recv);
+  connection_set_send (conn, crypto_send);
+  connection_set_close (conn, crypto_close);
   return 0;
 
  error:
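Review bot: With `connection_set_crypto_session` and `connection_set_close` now called only just before `return 0`, every `goto error` taken earlier leaves the connection without crypto_close, so the `error:` path becomes the sole owner of `session` on failure. The body of that label is cut off in this hunk; please confirm it calls `gnutls_deinit (*session)` and `free (session)` for every failure after the session is allocated, otherwise a failed handshake leaks the same structure this patch is meant to free.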
-- 
2.19.0.rc0


