Memory leaks in ocspclnt/PKIX.

RESOLVED FIXED in 3.12

Status

NSS
Libraries
P1
normal
RESOLVED FIXED
10 years ago
10 years ago

People

(Reporter: Slavomir Katuscak, Assigned: Alexei Volkov)

Tracking

({mlk})

trunk
3.12
Sun
Solaris

Firefox Tracking Flags

(Not tracked)

Details

Attachments

(2 attachments)

1.22 KB, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
8.96 KB, patch
Nelson Bolyard (seldom reads bugmail)
: review+
Details | Diff | Splinter Review
(Reporter)

Description

10 years ago
I wrapped current OCSP tests with dbx and checked them for memory leaks. Here are some leak stacks related to OCSP/PKIX:

Possible memory leak -- address in block (aib):
Found leaked block of size 96 bytes at address 0x610f88
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
    [3] PKIX_PL_Object_Alloc() at line 531 in "pkix_pl_object.c"
    [4] pkix_pl_Socket_CreateByHostAndPort() at line 1647 in "pkix_pl_socket.c"
    [5] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [6] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [7] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [8] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [9] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [10] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [11] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [12] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [13] get_cert_status() at line 444 in "ocspclnt.c"
    [14] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 88 bytes at address 0x611000
At time of allocation, the call stack was:
    [1] calloc() at 0xe0954ab4
    [2] PR_Calloc() at line 475 in "prmem.c"
    [3] PR_NewLock() at line 174 in "ptsynch.c"
    [4] PKIX_PL_Object_Alloc() at line 554 in "pkix_pl_object.c"
    [5] pkix_pl_Socket_CreateByHostAndPort() at line 1647 in "pkix_pl_socket.c"
    [6] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [14] get_cert_status() at line 444 in "ocspclnt.c"
    [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 24 bytes at address 0x60d6d0
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] _PR_Getfd() at line 141 in "prfdcach.c"
    [3] pt_SetMethods() at line 3281 in "ptio.c"
    [4] PR_Socket() at line 3465 in "ptio.c"
    [5] PR_NewTCPSocket() at line 4329 in "ptio.c"
    [6] pkix_pl_Socket_CreateClient() at line 370 in "pkix_pl_socket.c"
    [7] pkix_pl_Socket_CreateByHostAndPort() at line 1674 in "pkix_pl_socket.c"
    [8] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [9] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [10] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [11] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [12] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [13] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [14] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [15] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [16] get_cert_status() at line 444 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 24 bytes at address 0x60d9e8
At time of allocation, the call stack was:
    [1] PR_Malloc() at line 467 in "prmem.c"
    [2] _PR_Getfd() at line 144 in "prfdcach.c"
    [3] pt_SetMethods() at line 3281 in "ptio.c"
    [4] PR_Socket() at line 3465 in "ptio.c"
    [5] PR_NewTCPSocket() at line 4329 in "ptio.c"
    [6] pkix_pl_Socket_CreateClient() at line 370 in "pkix_pl_socket.c"
    [7] pkix_pl_Socket_CreateByHostAndPort() at line 1674 in "pkix_pl_socket.c"
    [8] pkix_HttpCertStore_FindSocketConnection() at line 1640 in "pkix_pl_httpcertstore.c"
    [9] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
    [10] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
    [11] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
    [12] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
    [13] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
    [14] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
    [15] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
    [16] get_cert_status() at line 444 in "ocspclnt.c"
(Reporter)

Comment 1

10 years ago
Maybe fix for bug 391774 will fix also these leaks (don't have fix yet).
(Assignee)

Updated

10 years ago
Assignee: nobody → alexei.volkov.bugs
Priority: -- → P1
Target Milestone: --- → 3.12
Keywords: mlk
(Reporter)

Comment 2

10 years ago
Some more stacks related to this bug:

Possible memory leak -- address in block (aib):
Found leaked block of size 88 bytes at address 0x8532b28
At time of allocation, the call stack was:
        [1] calloc() at 0xb79308a0 
        [2] PR_Calloc() at line 475 in "prmem.c"
        [3] PR_NewLock() at line 174 in "ptsynch.c"
        [4] PKIX_PL_Object_Alloc() at line 555 in "pkix_pl_object.c"
        [5] PKIX_PL_String_Create() at line 312 in "pkix_pl_string.c"
        [6] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [7] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [9] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [10] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [12] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [13] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [14] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [15] get_cert_status() at line 444 in "ocspclnt.c"
        [16] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 60 bytes at address 0x852d830
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] pkix_EscASCII_to_UTF16() at line 844 in "pkix_pl_common.c"
        [4] PKIX_PL_String_Create() at line 344 in "pkix_pl_string.c"
        [5] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [6] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [14] get_cert_status() at line 444 in "ocspclnt.c"
        [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 44 bytes at address 0x853ad48
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] PKIX_PL_Object_Alloc() at line 532 in "pkix_pl_object.c"
        [4] PKIX_PL_String_Create() at line 312 in "pkix_pl_string.c"
        [5] PKIX_PL_Sprintf() at line 546 in "pkix_pl_string.c"
        [6] pkix_HttpCertStore_FindSocketConnection() at line 1625 in "pkix_pl_httpcertstore.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [8] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [9] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [11] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [12] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [13] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [14] get_cert_status() at line 444 in "ocspclnt.c"
        [15] main() at line 1257 in "ocspclnt.c"

Possible memory leak -- address in block (aib):
Found leaked block of size 16 bytes at address 0x85319f0
At time of allocation, the call stack was:
        [1] PR_Malloc() at line 467 in "prmem.c"
        [2] PKIX_PL_Malloc() at line 72 in "pkix_pl_mem.c"
        [3] pkix_pl_PrimHashTable_Add() at line 248 in "pkix_pl_primhash.c"
        [4] PKIX_PL_HashTable_Add() at line 227 in "pkix_pl_hashtable.c"
        [5] pkix_HttpCertStore_FindSocketConnection() at line 1650 in "pkix_pl_httpcertstore.c"
        [6] pkix_pl_HttpDefaultClient_RequestCreate() at line 1289 in "pkix_pl_httpdefaultclient.c"
        [7] pkix_pl_HttpDefaultClient_RequestCreateFcn() at line 1704 in "pkix_pl_httpdefaultclient.c"
        [8] fetchOcspHttpClientV1() at line 3233 in "ocsp.c"
        [9] ocsp_GetEncodedOCSPResponseFromRequest() at line 3384 in "ocsp.c"
        [10] ocsp_GetEncodedOCSPResponseForSingleCert() at line 3428 in "ocsp.c"
        [11] ocsp_GetOCSPStatusFromNetwork() at line 4687 in "ocsp.c"
        [12] CERT_CheckOCSPStatus() at line 4592 in "ocsp.c"
        [13] get_cert_status() at line 444 in "ocspclnt.c"
        [14] main() at line 1257 in "ocspclnt.c"
(Assignee)

Comment 3

10 years ago
All of these leaks should be resolved by PKIX_Shutdown. I've committed the patch that removes ifdef from PKIX_Shutdown. Slavo, please verify that these leaks are no longer reported. 
(Assignee)

Comment 4

10 years ago
Created attachment 283728 [details] [diff] [review]
Free socket if error occured.
Attachment #283728 - Flags: review?(nelson)
Comment on attachment 283728 [details] [diff] [review]
Free socket if error occured.

r=nelson
Attachment #283728 - Flags: review?(nelson) → review+
I'm confused by comment 3.  It seems to be saying that no problem remains
that needs to be patched, yet the patch for this bug was still awaiting 
review.  So, is this patch needed, or not?
(Assignee)

Comment 7

10 years ago
Yes, it is still needed. The main reason for the most of the leaks reported in the bug is unknown error condition that happened during connection opening.

PKIX_Shutdown takes care of cases when connection were successfully opened and were registered with httpClientCache.

The problem that the patch fixes was found during code inspections.

This bug will be closed ones the patch is integrated, since fix for leaks during error conditions will be attached to bug 397832.
(Assignee)

Comment 8

10 years ago
attachment 283728 [details] [diff] [review] is integrated to the trunk. 
Status: NEW → RESOLVED
Last Resolved: 10 years ago
Resolution: --- → FIXED
(Reporter)

Comment 9

10 years ago
Reopening - after adding OCSP tests to branch bug found also there.
Status: RESOLVED → REOPENED
Resolution: FIXED → ---
Target Milestone: 3.12 → 3.11.9
(Assignee)

Comment 10

10 years ago
Are you saying that we leak some memory while doing OCSP revocation check on the branch?

Well, since branch does not use libpkix code, the bug that you've found should not be related to this one.

Please update this bug(or better open a new bug and update it) with a stack found on the branch. Thx.
This bug is about PKIX code, which exists only on the trunk.
It is fixed.  If there is a leak in OCSP on the branch, 
it is a different bug, not this one.
Status: REOPENED → RESOLVED
Last Resolved: 10 years ago10 years ago
Resolution: --- → FIXED
Target Milestone: 3.11.9 → 3.12
(Reporter)

Comment 12

10 years ago
Sorry, my fault, used wrong pattern to match.
(Assignee)

Comment 13

10 years ago
Created attachment 290762 [details] [diff] [review]
Patch to the ignored stacks file.

Clean up ignored stacks file.
Attachment #290762 - Flags: review?(nelson)
Comment on attachment 290762 [details] [diff] [review]
Patch to the ignored stacks file.

r=nelson
Attachment #290762 - Flags: review?(nelson) → review+
You need to log in before you can comment on or make changes to this bug.