[New-bugs-announce] [issue27267] memory leak in _ssl.c, function load_cert_chain

[Ralph Haist]

New submission from Ralph Haist:

Test program:

$ cat sslTest.py
import ssl
ctx = ssl.SSLContext(ssl.PROTOCOL_SSLv23)
ctx.load_cert_chain("mycert.pem")
$

valgrind reports a memory leak if this test program is executed by python2.7 as follows:

==7266== 24 bytes in 1 blocks are definitely lost in loss record 564 of 2,578
==7266== at 0x4C2815D: malloc (vg_replace_malloc.c:299)
==7266== by 0x4BCDAA: convertsimple (getargs.c:1160)
==7266== by 0x4BCDAA: convertitem (getargs.c:514)
==7266== by 0x4BD841: vgetargskeywords (getargs.c:1618)
==7266== by 0x4BE47B: _PyArg_ParseTupleAndKeywords_SizeT (getargs.c:1464)
==7266== by 0x6DCFADC: load_cert_chain (_ssl.c:2536)
==7266== by 0x4AA75D: call_function (ceval.c:4350)
==7266== by 0x4AA75D: PyEval_EvalFrameEx (ceval.c:2987)
==7266== by 0x4AE209: PyEval_EvalCodeEx (ceval.c:3582)
==7266== by 0x4AE641: PyEval_EvalCode (ceval.c:669)
==7266== by 0x4CC9AD: run_mod (pythonrun.c:1370)
==7266== by 0x4CDAC1: PyRun_FileExFlags (pythonrun.c:1356)
==7266== by 0x4CE4C9: PyRun_SimpleFileExFlags (pythonrun.c:948)
==7266== by 0x4155FF: Py_Main (main.c:654)

After applying this patch to _ssl.c, the memory leak disappears:

$ diff -rc _ssl.c.org _ssl.c
*** _ssl.c.org 2016-05-18 14:18:39.093418625 +0200
--- _ssl.c 2016-05-18 14:41:50.215460826 +0200
***************
*** 2611,2616 ****
--- 2611,2617 ----
SSL_CTX_set_default_passwd_cb(self->ctx, orig_passwd_cb);
SSL_CTX_set_default_passwd_cb_userdata(self->ctx, orig_passwd_userdata);
PyMem_Free(pw_info.password);
+ PyMem_Free(certfile_bytes);
Py_RETURN_NONE;

error:

----------
components: Extension Modules
messages: 267820
nosy: rhaist
priority: normal
severity: normal
status: open
title: memory leak in _ssl.c, function load_cert_chain
type: resource usage
versions: Python 2.7

_______________________________________
Python tracker <report at bugs.python.org>
<http://bugs.python.org/issue27267>
_______________________________________