From bcd956d4d500040808b920e468529da94a1e33c8 Mon Sep 17 00:00:00 2001 From: Rainer Gerhards Date: Tue, 14 Jun 2011 12:52:02 +0200 Subject: bugfix: memory leak in imtcp & subsystems under some circumstances This leak is tied to error conditions which lead to incorrect cleanup of some data structures. [backport from v6, limited testing under v4] --- ChangeLog | 3 +++ runtime/nsd_gtls.c | 3 +++ tcpsrv.c | 10 ++++++---- 3 files changed, 12 insertions(+), 4 deletions(-) diff --git a/ChangeLog b/ChangeLog index 9bc775a4..39a66f5d 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,5 +1,8 @@ --------------------------------------------------------------------------- Version 4.6.6 [v4-stable] (rgerhards), 2010-11-?? +- bugfix: memory leak in imtcp & subsystems under some circumstances + This leak is tied to error conditions which lead to incorrect cleanup + of some data structures. [backport from v6, limited testing under v4] - bugfix: invalid processing in QUEUE_FULL condition If the the multi-submit interface was used and a QUEUE_FULL condition occured, the failed message was properly destructed. However, the diff --git a/runtime/nsd_gtls.c b/runtime/nsd_gtls.c index fb2e219d..e1dcf870 100644 --- a/runtime/nsd_gtls.c +++ b/runtime/nsd_gtls.c @@ -1118,6 +1118,7 @@ gtlsEndSess(nsd_gtls_t *pThis) } } gnutls_deinit(pThis->sess); + pThis->bHaveSess = 0; } RETiRet; } @@ -1171,6 +1172,8 @@ CODESTARTobjDestruct(nsd_gtls) gnutls_x509_crt_deinit(pThis->ourCert); if(pThis->bOurKeyIsInit) gnutls_x509_privkey_deinit(pThis->ourKey); + if(pThis->bHaveSess) + gnutls_deinit(pThis->sess); ENDobjDestruct(nsd_gtls) diff --git a/tcpsrv.c b/tcpsrv.c index 0581828e..8c992f79 100644 --- a/tcpsrv.c +++ b/tcpsrv.c @@ -477,7 +477,7 @@ Run(tcpsrv_t *pThis) int iTCPSess; int bIsReady; tcps_sess_t *pNewSess; - nssel_t *pSel; + nssel_t *pSel = NULL; ssize_t iRcvd; ISOBJ_TYPE_assert(pThis, tcpsrv); @@ -521,8 +521,8 @@ Run(tcpsrv_t *pThis) /* now check the sessions */ iTCPSess = TCPSessGetNxtSess(pThis, -1); while(nfds && iTCPSess != -1) { - CHKiRet(nssel.IsReady(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD, &bIsReady, &nfds)); - if(bIsReady) { + localRet = nssel.IsReady(pSel, pThis->pSessions[iTCPSess]->pStrm, NSDSEL_RD, &bIsReady, &nfds); + if(bIsReady || localRet != RS_RET_OK) { char buf[128*1024]; /* reception buffer - may hold a partial or multiple messages */ dbgprintf("netstream %p with new data\n", pThis->pSessions[iTCPSess]->pStrm); @@ -576,7 +576,9 @@ finalize_it: /* this is a very special case - this time only we do not exit the * crashed, which made sense (the rest of the engine was not prepared for * that) -- rgerhards, 2008-05-19 */ - /*EMPTY*/; + if(pSel != NULL) { /* cleanup missing? happens during err exit! */ + nssel.Destruct(&pSel); + } } /* note that this point is usually not reached */ -- cgit