[New-bugs-announce] [issue25578] Memory leak in SSLSocket.getpeercert() with 0-length AIA extension
Alex Gaynor
report at bugs.python.org
Sat Nov 7 10:28:36 EST 2015
New submission from Alex Gaynor:
Test.
Put this certificate in a file:
-----BEGIN CERTIFICATE-----
MIICjTCCAXWgAwIBAgIBADANBgkqhkiG9w0BAQsFADAAMB4XDTE1MTEwNzE1MTAw
NVoXDTE1MTEwNzE1MTAwNVowADCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKiZ3rzOM1m6toThRtkwgZzjuVVdapwU63yoXmp91f14pfO1z5XIkVAP1Sz/
nK5Ti95LRmgPOzbIQHyNv2k2IOIbHL52y4AwWTa2G1EF3NvD9Tp6Zs85GFf7T5/N
WnlqHHPZhAHpgHL2xjBWnnhVojDm6fgxE6OI0aFarLlO0FBs3PLgIoxY4RRPVYaz
toP9G8ezbdGWGhaCqKO+ZjrCoQ2JNIdk4WsuGrZbCnGvGzFm+uhvs68IbJM4Mfm6
mAO85UfjdHsyacs5MYYsb7GyzrkGnLwWNcK5NdZiJwzwxBYpbchj5hYIsYjIVAL6
0BE4qG7wnJcHq1rvBeNgp7fP06kCAwEAAaMSMBAwDgYIKwYBBQUHAQEEAjAAMA0G
CSqGSIb3DQEBCwUAA4IBAQBS+2YG56erPLavJ3PvP+DekHOuIakT3l6GCiDGsufO
owdPxqsUZcCHlYjn6E50dLoKN0N6ECoKB0bIsA2EuwY08MSgtD4dA93jTXsdvWcX
2QMIM11LIGLyJIZRgUeMdHAbsb9qdpWFXX6smDGLBBKHCIFwu/4qSXU+Gf5d2DMl
edMDMkbgv3B8Q+7pCi7AgUOaZXPTbpHCdYnT2t+z3gNgyiXBH5wJNkrkK5tmawNb
88+Kxa00mbYoSEPaz7E/zBB/W1NpoZCOgEq4t9Uuk7hm10htbKoyM7FxVpBEJkPE
XpUdSNdClrHN36j1iB1NeFuOlxNVbD5FtMXx/wgX0B28
-----END CERTIFICATE-----
And run this script:
import _ssl
def main():
while True:
_ssl._test_decode_cert("/path/to/cert.pem")
main()
Patch is attached
----------
files: aia.diff
keywords: needs review, patch
messages: 254275
nosy: alex, christian.heimes, dstufft, giampaolo.rodola, janssen, pitrou
priority: normal
severity: normal
status: open
title: Memory leak in SSLSocket.getpeercert() with 0-length AIA extension
versions: Python 2.7, Python 3.5, Python 3.6
Added file: http://bugs.python.org/file40973/aia.diff
_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue25578>
_______________________________________
More information about the New-bugs-announce
mailing list