Re: Possible memory leak in pgcrypto with EVP_MD_CTX
Michael Paquier <michael@paquier.xyz>
From: Michael Paquier <michael@paquier.xyz>
To: Postgres hackers <pgsql-hackers@lists.postgresql.org>
Date: 2020-10-19T01:08:58Z
Lists: pgsql-hackers
On Thu, Oct 15, 2020 at 04:22:12PM +0900, Michael Paquier wrote: > That's a bit annoying, because this memory is allocated directly by > OpenSSL, and Postgres does not know how to free it until it gets > registered in the list of open_digests that would be used by the > cleanup callback, so I think that we had better back-patch this fix. Hearing nothing, I have fixed the issue and back-patched it. While looking at it, I have noticed that e2838c58 has never actually worked with OpenSSL 0.9.6 because we lack an equivalent for EVP_MD_CTX_destroy() and EVP_MD_CTX_create(). This issue would be easy enough to fix as the size of EVP_MD_CTX is known in those versions of OpenSSL, but as we have heard zero complaints on this matter I have left that out in the 9.5 and 9.6 branches. Back in 2016, even 0.9.8 was barely used, so I can't even imagine somebody using 0.9.6 with the most recent PG releases. -- Michael
Commits
-
Fix potential memory leak in pgcrypto
- 099238322cf8 9.5.24 landed
- 994a02f7f77c 9.6.20 landed
- e8d36f9ece5e 10.15 landed
- 9141390813e0 11.10 landed
- 57bdf29dd5f6 12.5 landed
- 1bd9b2b23696 13.1 landed
- ca2a12c935f7 14.0 landed