Hello,
I last time tried to convince you to implement the memory patch I
developed into the library. I did not succeed for following reasons:
a) The patch was incomplete:
--> I rechecked the complete SVN and fixed all memory stuff. The patch
still remains valid unchanged. No additions for other parts of the
library are needed (according to example code).
b) There should be no useless code, which makes the library vulnerable.
--> The patch are altogether 40 lines of active code, where only 16 of
them do real work, the others are only function overhead to keep a clean
interface. And they are in no way useless. Below are the important parts
of the patch.
c) The examples don't use it.
--> Well, now I added all the files in tests to the patch. Each of these
also calls FINALIZE before leaving main. All of these are 100% memory-loss
free. The main work was to fix multiple memory losses in the example code
as well as one in the library itself (cipher/ac.c).
So to get a final note: The examples for libgcrypt and the base library
have a memory loss problem. Without handling the one-time-allocations
first it has been nearly impossible to track this down and fix them (as
nobody did till now). With the fix applied there are no memory memory loss
problems which are covered by the example programs. The fix itself does
not change the library interface at all, but only adds the already planned
possibility to make a finalize call.
I will release the attached patch on my website, as due the LGPL
conditions I am required to do so. I myself no longer use the dynamic
library, but a largely stripped link library. Nevertheless I would prefer
the patch included in main distribution, so I need not release the patch.
Are there still any reasons to NOT apply the patch?
Below the relevant parts of the patch, which probably nobody of you ever
had a look on. It has NOTHING to do with dll unloading or anything like
that which was used during argumentation from your side.
src/global.c
+static void
+global_finalize (void)
+{
+ _gcry_pk_finalize();
+ _gcry_md_finalize();
+ _gcry_cipher_finalize();
+// ath_finalize();
+ _gcry_random_finalize();
+ any_init_done = 0;
+}
--
+ case GCRYCTL_FINALIZE:
+ global_finalize();
+ break;
src/g10lib.h
+void _gcry_cipher_finalize(void);
+void _gcry_md_finalize(void);
+void _gcry_pk_finalize(void);
cipher/pubkey.c
+void
+_gcry_pk_finalize(void)
+{
+ if(default_pubkeys_registered)
+ {
+ ath_mutex_lock(&pubkeys_registered_lock);
+ while(pubkeys_registered)
+ {
+ _gcry_module_release(pubkeys_registered);
+ }
+ default_pubkeys_registered = 0;
+ ath_mutex_unlock(&pubkeys_registered_lock);
+ }
+}
cipher/md.c
+void
+_gcry_md_finalize(void)
+{
+ if(default_digests_registered)
+ {
+ ath_mutex_lock(&digests_registered_lock);
+ while(digests_registered)
+ {
+ _gcry_module_release(digests_registered);
+ }
+ default_digests_registered = 0;
+ ath_mutex_unlock(&digests_registered_lock);
+ }
+}
cipher/cipher.c
+void
+_gcry_cipher_finalize(void)
+{
+ if(default_ciphers_registered)
+ {
+ ath_mutex_lock(&ciphers_registered_lock);
+ while(ciphers_registered)
+ {
+ _gcry_module_release(ciphers_registered);
+ }
+ default_ciphers_registered = 0;
+ ath_mutex_unlock(&ciphers_registered_lock);
+ }
+}
cipher/random.c
+void
+_gcry_random_finalize(void)
+{
+ if(is_initialized)
+ {
+ gcry_free(rndpool);
+ gcry_free(keypool);
+ is_initialized = 0;
+ }
+}
cipher/random.h
+void _gcry_random_finalize(void);
Ciao
--
____ _ _ ____ _ _ _ _ ____
| | | | | | \ / | | | the cool Gremlin from Bischofswerda
| __ | ____| | \/ | | | WWW: http://www.dstoecker.de/
| | | | | | | | PGP key available on www page.
|____| _|_ |____| _|_ _|_ |____| I hope AMIGA never stops making fun!
I last time tried to convince you to implement the memory patch I
developed into the library. I did not succeed for following reasons:
a) The patch was incomplete:
--> I rechecked the complete SVN and fixed all memory stuff. The patch
still remains valid unchanged. No additions for other parts of the
library are needed (according to example code).
b) There should be no useless code, which makes the library vulnerable.
--> The patch are altogether 40 lines of active code, where only 16 of
them do real work, the others are only function overhead to keep a clean
interface. And they are in no way useless. Below are the important parts
of the patch.
c) The examples don't use it.
--> Well, now I added all the files in tests to the patch. Each of these
also calls FINALIZE before leaving main. All of these are 100% memory-loss
free. The main work was to fix multiple memory losses in the example code
as well as one in the library itself (cipher/ac.c).
So to get a final note: The examples for libgcrypt and the base library
have a memory loss problem. Without handling the one-time-allocations
first it has been nearly impossible to track this down and fix them (as
nobody did till now). With the fix applied there are no memory memory loss
problems which are covered by the example programs. The fix itself does
not change the library interface at all, but only adds the already planned
possibility to make a finalize call.
I will release the attached patch on my website, as due the LGPL
conditions I am required to do so. I myself no longer use the dynamic
library, but a largely stripped link library. Nevertheless I would prefer
the patch included in main distribution, so I need not release the patch.
Are there still any reasons to NOT apply the patch?
Below the relevant parts of the patch, which probably nobody of you ever
had a look on. It has NOTHING to do with dll unloading or anything like
that which was used during argumentation from your side.
src/global.c
+static void
+global_finalize (void)
+{
+ _gcry_pk_finalize();
+ _gcry_md_finalize();
+ _gcry_cipher_finalize();
+// ath_finalize();
+ _gcry_random_finalize();
+ any_init_done = 0;
+}
--
+ case GCRYCTL_FINALIZE:
+ global_finalize();
+ break;
src/g10lib.h
+void _gcry_cipher_finalize(void);
+void _gcry_md_finalize(void);
+void _gcry_pk_finalize(void);
cipher/pubkey.c
+void
+_gcry_pk_finalize(void)
+{
+ if(default_pubkeys_registered)
+ {
+ ath_mutex_lock(&pubkeys_registered_lock);
+ while(pubkeys_registered)
+ {
+ _gcry_module_release(pubkeys_registered);
+ }
+ default_pubkeys_registered = 0;
+ ath_mutex_unlock(&pubkeys_registered_lock);
+ }
+}
cipher/md.c
+void
+_gcry_md_finalize(void)
+{
+ if(default_digests_registered)
+ {
+ ath_mutex_lock(&digests_registered_lock);
+ while(digests_registered)
+ {
+ _gcry_module_release(digests_registered);
+ }
+ default_digests_registered = 0;
+ ath_mutex_unlock(&digests_registered_lock);
+ }
+}
cipher/cipher.c
+void
+_gcry_cipher_finalize(void)
+{
+ if(default_ciphers_registered)
+ {
+ ath_mutex_lock(&ciphers_registered_lock);
+ while(ciphers_registered)
+ {
+ _gcry_module_release(ciphers_registered);
+ }
+ default_ciphers_registered = 0;
+ ath_mutex_unlock(&ciphers_registered_lock);
+ }
+}
cipher/random.c
+void
+_gcry_random_finalize(void)
+{
+ if(is_initialized)
+ {
+ gcry_free(rndpool);
+ gcry_free(keypool);
+ is_initialized = 0;
+ }
+}
cipher/random.h
+void _gcry_random_finalize(void);
Ciao
--
____ _ _ ____ _ _ _ _ ____
| | | | | | \ / | | | the cool Gremlin from Bischofswerda
| __ | ____| | \/ | | | WWW: http://www.dstoecker.de/
| | | | | | | | PGP key available on www page.
|____| _|_ |____| _|_ _|_ |____| I hope AMIGA never stops making fun!
Attached Files:
-
libgcrypt.patch (20.1 KB)