Subject: [libssh2] #182: Various memory leaks

[libssh2] #182: Various memory leaks

From: libssh2 Trac <trac_at_libssh2.stuge.se>
Date: Tue, 22 Jun 2010 13:10:59 -0000

#182: Various memory leaks
------------------------------+---------------------------------------------
 Reporter: john@… | Owner:
     Type: defect | Status: new
 Priority: normal | Milestone: 1.2.6
Component: API | Version: 1.2.6
 Keywords: | Blocks:
Blocked By: |
------------------------------+---------------------------------------------
 I have identified a number of memory leaks that occur when negotiating an
 ssh connection.
 I have the 10 June 2010 1.2.6 source and am compiling on Solaris 10 x86.
 I am using the bcheck program (part of Sun Studio 12) to identify the
 leaks.

 I start the session negotiation using '''libssh2_session_startup,''' on
 the first LIBSSH2_ERROR_EAGAIN return I close the session down using
 '''libssh2_session_free'''. I found the following variables could be
 leaked
 session->local.kexinit, session->remote.kexinit, session->kexinit_data.

 I made the following changes (diff output from session.c)
 838a840,842
> if (session->local.kexinit) {
> LIBSSH2_FREE(session, session->local.kexinit);
> }
 851a856,858
> if (session->remote.kexinit) {
> LIBSSH2_FREE(session, session->remote.kexinit);
> }
 867a875,877
> if (session->kexinit_data) {
> LIBSSH2_FREE(session, session->kexinit_data);
> }

 However I now find that there are other leaks that are harder to cleanup.
 During the key exchange memory is allocated in "diffie_hellman_sha1"
 (kex.c) and stored in "exchange_state->e_packet" (line 118). Unless the
 negotiation continues this memory is not freed.

 I am trying to write a long lived server process that connects via ssh to
 remote machines. The sockets can fail at any point after creation, and the
 '''libssh2_session_free''' function must release all memory when called.

 Most of the leaks are timing related and difficult to reliably reproduce.

 Another leak occurs in transport.c (line 472) as shown below
             p->payload = LIBSSH2_ALLOC(session, p->total_num);
 This occurs when opening 100 ssh connections and shutting them all down
 before they are all fully established.

-- 
Ticket URL: <http://trac.libssh2.org/ticket/182>
libssh2 <http://trac.libssh2.org/>
C library for writing portable SSH2 clients
_______________________________________________
libssh2-devel http://cool.haxx.se/cgi-bin/mailman/listinfo/libssh2-devel
Received on 2010-06-22