santuario-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Cullum, Steve" <>
Subject [C++] Memory Leak In DSIGSignature::verify() using RSA Signatures with WINCAPI
Date Fri, 14 Oct 2005 15:46:21 GMT
I am having real trouble tracking down a memory leak when using RSA
certificates via the MSCrypto interface.  I have already fixed one error
in the WinCAPICryptoKeyRSA() destructor.. (see previous thread).  But
memory is still being leaked when DSIGSignature::verify() gets called.

Steps used .. To reproduce behaviour are simple 

A) I Load a document digitally signed by RSA private key
B) Install the certificate into the Windows key store
C) Use the WINCAPI interface to load the certificate

The leak happens when DSIGSignature::verify() is called.  It does not
matter verification is successful or not. I can provide a test driver
and source to reproduce the behaviour.

Has anybody got any ideas ... ?  Where to look next.

I am using the very latest version of XSEC (dloaded from CVS on the 14th
Oct 05)

// change ~WinCAPICryptoKeyRSA and comment out the sig->verify() and no
leaks occur
// uncomment out sig->verify() and memory is leaked

    XercesDOMParser parser;
    MemBufInputSource *memIS = new MemBufInputSource((const XMLByte
*)buffer, bufferLen, "XSECMem", false);
    delete memIS;   // destroy as soon as possible

    if(parser.getErrorCount() > 0) 
    // Now create a signature object to validate the document
    XSECProvider prov;
    DSIGSignature *sig = prov.newSignatureFromDOM(parser.getDocument());


    XSECCryptoKey *clone = X509->clonePublicKey(); 
    sig->verify();		// leak here.. With the
WinCAPICryptoKeyRSA::~WinCAPICryptoKeyRSA() fix in place 
					// commenting out sig->verify()
stops leaks. 


View raw message