Permalink
Browse files

fixed a memory leak in the encoder and decoder. we should always call…

… EVP_CIPHER_CTX_cleanup even if we have called EVP_DecryptFinal or EVP_EncryptFinal already.
  • Loading branch information...
1 parent 00e6acd commit f7f5b5a991cdaf901c1701e543d45862bf52e2f5 @agentzh agentzh committed May 27, 2010
Showing with 10 additions and 3 deletions.
  1. +9 −2 src/ngx_http_encrypted_session_cipher.c
  2. +1 −1 test/t/sanity.t
View
11 src/ngx_http_encrypted_session_cipher.c
@@ -90,12 +90,15 @@ ngx_http_encrypted_session_3des_mac_encrypt(ngx_pool_t *pool, ngx_log_t *log,
p += len;
- /* EVP_EncryptFinal clears ctx automatically */
ret = EVP_EncryptFinal(&ctx, p, &len);
if (! ret) {
return NGX_ERROR;
}
+ /* XXX we should still explicitly release the ctx
+ * or we'll leak memory here */
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
p += len;
*dst_len = p - *dst;
@@ -176,8 +179,12 @@ ngx_http_encrypted_session_3des_mac_decrypt(ngx_pool_t *pool, ngx_log_t *log,
p += len;
- /* EVP_DecryptFinal clears ctx automatically */
ret = EVP_DecryptFinal(&ctx, p, &len);
+
+ /* XXX we should still explicitly release the ctx
+ * or we'll leak memory here */
+ EVP_CIPHER_CTX_cleanup(&ctx);
+
if (! ret) {
ngx_log_debug0(NGX_LOG_DEBUG_HTTP, log, 0,
"failed to decrypt session: bad AES-256 digest.");
View
2 test/t/sanity.t
@@ -3,7 +3,7 @@
use lib 'lib';
use Test::Nginx::LWP;
-#repeat_each(3);
+#repeat_each(1000);
plan tests => repeat_each() * 2 * blocks();

0 comments on commit f7f5b5a

Please sign in to comment.