tomcat-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mark Thomas <ma...@apache.org>
Subject Re: svn commit: r1851094 - in /tomcat/native/trunk: native/src/ssl.c xdocs/miscellaneous/changelog.xml
Date Fri, 11 Jan 2019 20:01:01 GMT
On 11/01/2019 19:49, markt@apache.org wrote:
> Author: markt
> Date: Fri Jan 11 19:49:01 2019
> New Revision: 1851094
> 
> URL: http://svn.apache.org/viewvc?rev=1851094&view=rev
> Log:
> Fix a per connection memory leak when using OpenSSL BIO. This is typically used when
OpenSSL is providing the TLS support for NIO or NIO2.

As usual, additional review of this fix welcome since this is me writing
C code.

I have tested it builds on Windows as well this time ;)

Mark


> 
> Modified:
>     tomcat/native/trunk/native/src/ssl.c
>     tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
> 
> Modified: tomcat/native/trunk/native/src/ssl.c
> URL: http://svn.apache.org/viewvc/tomcat/native/trunk/native/src/ssl.c?rev=1851094&r1=1851093&r2=1851094&view=diff
> ==============================================================================
> --- tomcat/native/trunk/native/src/ssl.c (original)
> +++ tomcat/native/trunk/native/src/ssl.c Fri Jan 11 19:49:01 2019
> @@ -1279,23 +1279,36 @@ TCN_IMPLEMENT_CALL(jlong /* SSL * */, SS
>      tcn_ssl_ctxt_t *c = J2P(ctx, tcn_ssl_ctxt_t *);
>      int *handshakeCount = malloc(sizeof(int));
>      SSL *ssl;
> +    apr_pool_t *p = NULL;
>      tcn_ssl_conn_t *con;
>  
>      UNREFERENCED_STDARGS;
>  
>      TCN_ASSERT(ctx != 0);
> +    
>      ssl = SSL_new(c->ctx);
>      if (ssl == NULL) {
>          free(handshakeCount);
>          tcn_ThrowException(e, "cannot create new ssl");
>          return 0;
>      }
> -    if ((con = apr_pcalloc(c->pool, sizeof(tcn_ssl_conn_t))) == NULL) {
> +    
> +    apr_pool_create(&p, c->pool);
> +    if (p == NULL) {
>          free(handshakeCount);
> +        SSL_free(ssl);
>          tcn_ThrowAPRException(e, apr_get_os_error());
>          return 0;
>      }
> -    con->pool = c->pool;
> +    
> +    if ((con = apr_pcalloc(p, sizeof(tcn_ssl_conn_t))) == NULL) {
> +        free(handshakeCount);
> +        SSL_free(ssl);
> +        apr_pool_destroy(p);
> +        tcn_ThrowAPRException(e, apr_get_os_error());
> +        return 0;
> +    }
> +    con->pool = p;
>      con->ctx  = c;
>      con->ssl  = ssl;
>      con->shutdown_type = c->shutdown_type;
> @@ -1417,6 +1430,7 @@ TCN_IMPLEMENT_CALL(void, SSL, freeSSL)(T
>                                         jlong ssl /* SSL * */) {
>      SSL *ssl_ = J2P(ssl, SSL *);
>      int *handshakeCount = SSL_get_app_data3(ssl_);
> +    tcn_ssl_conn_t *con = SSL_get_app_data(ssl_);
>  
>      UNREFERENCED_STDARGS;
>  
> @@ -1424,6 +1438,7 @@ TCN_IMPLEMENT_CALL(void, SSL, freeSSL)(T
>          free(handshakeCount);
>      }
>      SSL_free(ssl_);
> +    apr_pool_destroy(con->pool);
>  }
>  
>  /* Make a BIO pair (network and internal) for the provided SSL * and return the network
BIO */
> 
> Modified: tomcat/native/trunk/xdocs/miscellaneous/changelog.xml
> URL: http://svn.apache.org/viewvc/tomcat/native/trunk/xdocs/miscellaneous/changelog.xml?rev=1851094&r1=1851093&r2=1851094&view=diff
> ==============================================================================
> --- tomcat/native/trunk/xdocs/miscellaneous/changelog.xml (original)
> +++ tomcat/native/trunk/xdocs/miscellaneous/changelog.xml Fri Jan 11 19:49:01 2019
> @@ -47,6 +47,10 @@
>        Fix some minor memory leaks that could occur after error conditions during
>        TLS connector initialisation. (markt)
>      </fix>
> +    <fix>
> +      Fix a per connection memory leak when using OpenSSL BIO. This is typically
> +      used when OpenSSL is providing the TLS support for NIO or NIO2. (markt)
> +    </fix>
>    </changelog>
>  </section>
>  <section name="Changes in 1.2.19">
> 
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: dev-help@tomcat.apache.org
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org


Mime
View raw message