[Bug 20984] New: CRYPT_GetDefaultProvider-related leak in crypt32/tests/message.c

10 Dec 2009


      http://bugs.winehq.org/show_bug.cgi?id=20984
Summary: CRYPT_GetDefaultProvider-related leak in
                    crypt32/tests/message.c
           Product: Wine
           Version: 1.1.34
          Platform: PC
        OS/Version: Linux
            Status: NEW
          Keywords: download, source, testcase
          Severity: normal
          Priority: P2
         Component: crypt32
        AssignedTo: wine-bugs@winehq.org
        ReportedBy: dank@kegel.com
Juan writes:
-- snip --
The key leaked in
http://kegel.com/wine/valgrind/logs/2009-12-08-09.24/vg-crypt32_message.txt
972 bytes in 1 blocks are definitely lost 
    at  notify_alloc (heap.c:247)
    by  RtlAllocateHeap (heap.c:1697)
    by  new_object (handle.c:359)
    by  new_key (rsaenh.c:834)
    by  import_public_key (rsaenh.c:2777)
    by  import_key (rsaenh.c:2973)
    by  RSAENH_CPImportKey (rsaenh.c:3020)
    by  CryptImportKey (crypt.c:1827)
    by  CRYPT_ImportRsaPublicKeyInfoEx (encode.c:4786)
    by  CryptImportPublicKeyInfoEx (encode.c:4819)
    by  CryptImportPublicKeyInfo (encode.c:4757)
    by  CDecodeSignedMsg_VerifySignatureWithKey (msg.c:2554)
    by  CDecodeSignedMsg_VerifySignature (msg.c:2613)
    by  CDecodeMsg_Control (msg.c:2668)
    by  CryptMsgControl (msg.c:2805)
    by  CryptVerifyDetachedMessageSignature (message.c:164)
    by  test_verify_detached_message_signature (message.c:403)
should be suppressed.  Feel free to open a bug if you like so you can
reference it.  The existing bug about a leak in rsaenh, 20684, doesn't
seem appropriate, as it may not cover this case.
Here's the scoop:  the leak comes from
test_verify_detached_message_signature.  This calls
CryptVerifyDetachedMessageSignature, with one of its arguments being a
pointer to a CRYPT_VERIFY_MESSAGE_PARA structure.  This calls
CryptMsgOpenToDecode, passing as the crypto provider the provider set
in the CRYPT_VERIFY_MESSAGE_PARA structure... except that it's 0.  If
it's 0, it calls CRYPT_GetDefaultProvider(), and sets an internal flag
indicating the the crypto provider shouldn't be unloaded, since it's
process-wide.  There's that famous CRYPT_GetDefaultProvider again:  it
can't be unloaded by crypt32, so it leaks whatever it's got, including
the last set of keys that get set into it.
-- snip --
Filing bug for reference, I'll add a suppression.
-- 
Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email
Do not reply to this email, post in Bugzilla using the
above URL to reply.
------- You are receiving this mail because: -------
You are watching all bug changes.

2025

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

2003

2002

2001

[Bug 20984] New: CRYPT_GetDefaultProvider-related leak in crypt32/tests/message.c