Possible memory leak in pgcrypto with EVP_MD_CTX
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-10-15T07:22:12Z
Lists: pgsql-hackers
Attachments
- pgcrypto-leak.patch (text/x-diff) patch
Hi all,
It happens that pgcrypto has the following leak if a digest cannot be
initialized:
--- a/contrib/pgcrypto/openssl.c
+++ b/contrib/pgcrypto/openssl.c
@@ -202,6 +202,7 @@ px_find_digest(const char *name, PX_MD **res)
}
if (EVP_DigestInit_ex(ctx, md, NULL) == 0)
{
+ EVP_MD_CTX_destroy(ctx);
pfree(digest);
return -1;
}
That's a bit annoying, because this memory is allocated directly by
OpenSSL, and Postgres does not know how to free it until it gets
registered in the list of open_digests that would be used by the
cleanup callback, so I think that we had better back-patch this fix.
Thoughts?
--
Michael
Commits
-
Fix potential memory leak in pgcrypto
- 099238322cf8 9.5.24 landed
- 994a02f7f77c 9.6.20 landed
- e8d36f9ece5e 10.15 landed
- 9141390813e0 11.10 landed
- 57bdf29dd5f6 12.5 landed
- 1bd9b2b23696 13.1 landed
- ca2a12c935f7 14.0 landed