BUG #16160: Minor memory leak in case of starting postgres server with SSL encryption
The Post Office <noreply@postgresql.org>
From: PG Bug reporting form <noreply@postgresql.org>
To: pgsql-bugs@lists.postgresql.org
Cc: duspensky@ya.ru
Date: 2019-12-11T16:22:03Z
Lists: pgsql-bugs
The following bug has been logged on the website: Bug reference: 16160 Logged by: Dmitry Uspenskiy Email address: duspensky@ya.ru PostgreSQL version: 12.1 Operating system: Any Description: LeakSanitizer shows memory leak at the following place: [ts-1] ==17346==ERROR: LeakSanitizer: detected memory leaks [ts-1] [ts-1] Direct leak of 144 byte(s) in 1 object(s) allocated from: [ts-1] #0 0x563b7f in __interceptor_malloc /home/duspensky/code/yugabyte-db/thirdparty/build/common/llvm-7.0.1.src/../../../src/llvm-7.0.1.src/projects/comp iler-rt/lib/asan/asan_malloc_linux.cc:146 [ts-1] #1 0x7f697e6a7ee7 in CRYPTO_malloc (/home/duspensky/.linuxbrew-yb-build/linuxbrew-20181203T161736/lib/libcrypto.so.1.0.0+0x71ee7) [ts-1] #2 0x7f697e746b2e in DH_new_method (/home/duspensky/.linuxbrew-yb-build/linuxbrew-20181203T161736/lib/libcrypto.so.1.0.0+0x110b2e) [ts-1] #3 0x7f697e74609c in dh_cb (/home/duspensky/.linuxbrew-yb-build/linuxbrew-20181203T161736/lib/libcrypto.so.1.0.0+0x11009c) [ts-1] #4 0x7f697e78a1fc in ASN1_item_ex_new (/home/duspensky/.linuxbrew-yb-build/linuxbrew-20181203T161736/lib/libcrypto.so.1.0.0+0x1541fc) [ts-1] #5 0x7f697e78f09a in ASN1_item_ex_d2i (/home/duspensky/.linuxbrew-yb-build/linuxbrew-20181203T161736/lib/libcrypto.so.1.0.0+0x15909a) [ts-1] #6 0x7f697e78f7ba in ASN1_item_d2i (/home/duspensky/.linuxbrew-yb-build/linuxbrew-20181203T161736/lib/libcrypto.so.1.0.0+0x1597ba) [ts-1] #7 0x7f697e7a0ad3 in PEM_read_bio_DHparams (/home/duspensky/.linuxbrew-yb-build/linuxbrew-20181203T161736/lib/libcrypto.so.1.0.0+0x16aad3) [ts-1] #8 0xcd75bd in load_dh_buffer /home/duspensky/code/yugabyte-db/src/postgres/src/backend/libpq/../../../../../../src/postgres/src/backend/libpq/be-secure-openssl.c:848:7 [ts-1] #9 0xcd4d07 in initialize_dh /home/duspensky/code/yugabyte-db/src/postgres/src/backend/libpq/../../../../../../src/postgres/src/backend/libpq/be-secure-openssl.c:976:8 [ts-1] #10 0xcd437c in be_tls_init /home/duspensky/code/yugabyte-db/src/postgres/src/backend/libpq/../../../../../../src/postgres/src/backend/libpq/be-secure-openssl.c:198:7 [ts-1] #11 0xeecd86 in PostmasterMain /home/duspensky/code/yugabyte-db/src/postgres/src/backend/postmaster/../../../../../../src/postgres/src/backend/postmaster/postmaster.c:981:10 [ts-1] #12 0xcd79e3 in PostgresServerProcessMain /home/duspensky/code/yugabyte-db/src/postgres/src/backend/main/../../../../../../src/postgres/src/backend/main/main.c:234:3 [ts-1] #13 0xcd8081 in main (/home/duspensky/code/yugabyte-db/build/asan-clang-dynamic-ninja/postgres/bin/postgres+0xcd8081) According to the following information https://wiki.openssl.org/index.php/Diffie-Hellman_parameters DH_free function must be called after SSL_CTX_set_tmp_dh
Commits
-
Fix memory leak when rejecting bogus DH parameters.
- ad6c19066d93 10.17 landed
- 8c830148d2d4 11.12 landed
- 2f31414f4322 12.7 landed
- 4b41f6923458 13.3 landed
- e835e89a0fd2 14.0 landed
-
Fix memory leak when initializing DH parameters in backend
- c49e287a8e4d 11.12 landed
- 992cba94d38e 12.7 landed
- 7d9629ed2f69 10.17 landed
- e0e569e1d192 13.0 landed
-
Avoid corner-case memory leak in SSL parameter processing.
- 4b12ab18c9d0 14.0 landed
- a2764d87df04 11.12 landed
- 7ce7f2b79890 10.17 landed
- 6e34755560aa 12.7 landed
- 4d072bf2a031 13.3 landed