
Bug #9743

Updated by nobu (Nobuyoshi Nakada) about 10 years ago

repeated calls to `pub_key.verify(digest, signature, data)` leaks memory.

from what I can gather from the openssl documentation, there seems to be a missing call to `EVP_MD_CTX_cleanup()`

 FILE: ossl_pkey.c  

~~~C
    EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
    switch (EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey)) {
    case 0:
~~~

 from the openssl docs: 

 http://www.openssl.org/docs/crypto/EVP_VerifyInit.html 

> The call to EVP_VerifyFinal() internally finalizes a copy of the digest context. This means that calls to EVP_VerifyUpdate() and EVP_VerifyFinal() can be called later to digest and verify additional data.
>

Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling EVP_MD_CTX_cleanup() or a memory leak will occur.
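
An added regression check for the leak reported above (not part of the original report or of Ruby's own test suite): it repeats `pub_key.verify(digest, signature, data)` on a constructed key and message and reports how much resident memory grew. The helper names, the iteration counts and the Linux-only `/proc/self/status` reading are assumptions of this example.

```ruby
require 'openssl'

# Resident set size in KiB, read from /proc (Linux only); nil elsewhere.
def rss_kib
  status = File.read('/proc/self/status')
  kib = status[/^VmRSS:\s+(\d+)\s+kB/, 1]
  kib && kib.to_i
rescue SystemCallError
  nil
end

# Calls pub_key.verify(digest, signature, data) `iterations` times.
# Returns [successful verifications, RSS growth in KiB (nil if unknown)].
def verify_loop_growth(pub_key, digest_name, signature, data, iterations)
  # Warm up first so one-time allocations are not counted as growth.
  100.times do
    pub_key.verify(OpenSSL::Digest.new(digest_name), signature, data)
  end
  GC.start
  before = rss_kib

  ok = 0
  iterations.times do
    digest = OpenSSL::Digest.new(digest_name)
    ok += 1 if pub_key.verify(digest, signature, data)
  end

  GC.start
  after = rss_kib
  [ok, before && after ? after - before : nil]
end

if $PROGRAM_NAME == __FILE__
  # Constructed sample input: throwaway key, fixed message.
  key  = OpenSSL::PKey::RSA.new(2048)
  data = 'constructed sample message'
  sig  = key.sign(OpenSSL::Digest.new('SHA256'), data)

  [10_000, 40_000].each do |n|
    ok, growth = verify_loop_growth(key.public_key, 'SHA256', sig, data, n)
    puts "iterations=#{n} verified=#{ok} rss_growth_kib=#{growth.inspect}"
  end
end
```

Growth that rises with the iteration count points to a per-call allocation that is never released; a build that cleans up the digest context should show roughly flat numbers across both runs.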
 
