Chromium Code Reviews

Issue 181003: Suppress a leak of a CFMutableArray of certs in X509Certificate::Verify.... (Closed)

Created: 11 years, 3 months ago by wtc
Modified: 9 years, 7 months ago
CC: chromium-reviews_googlegroups.com, not_the_right_glider, stuartmorgan, dank, the_wrong_timurrrr, Nirnimesh
Visibility: Public.

Description

Suppress a leak of a CFMutableArray of certs in X509Certificate::Verify.

R=rvargas
BUG=20459
TEST=none

Committed: http://src.chromium.org/viewvc/chrome?view=rev&revision=24715

Patch Set 1 #

Patch Set 2 : '' #

Patch Set 3 : '' #

Stats (+17 lines, -0 lines)
MM tools/valgrind/memcheck/suppressions_mac.txt: 1 chunk, +17 lines, -0 lines, 0 comments

Messages

Total messages: 3 (0 generated)
wtc
11 years, 3 months ago (2009-08-28 01:22:14 UTC) #1
rvargas (doing something else)
LGTM
11 years, 3 months ago (2009-08-28 01:24:20 UTC) #2
hawk
11 years, 3 months ago (2009-08-28 01:51:23 UTC) #3
It appears to be a leak within Apple's APIs. Here's the non-truncated stack
crawl I get when running valgrind against the test on my machine:

==82534== 1,068 (32 direct, 1,036 indirect) bytes in 1 blocks are definitely lost in loss record 1,369 of 1,446
==82534==    at 0x19634CA: malloc_zone_malloc (vg_replace_malloc.c:199)
==82534==    by 0x2A9A3D0: _CFRuntimeCreateInstance (in /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation)
==82534==    by 0x2A28137: __CFArrayInit (in /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation)
==82534==    by 0x2A2AF09: CFArrayCreateMutableCopy (in /System/Library/Frameworks/CoreFoundation.framework/Versions/A/CoreFoundation)
==82534==    by 0x19E050A: Security::KeychainCore::Trust::evaluate() (in /System/Library/Frameworks/Security.framework/Versions/A/Security)
==82534==    by 0x19D63CB: SecTrustEvaluate (in /System/Library/Frameworks/Security.framework/Versions/A/Security)
==82534==    by 0x24784A: net::X509Certificate::Verify(std::string const&, int, net::CertVerifyResult*) const (in ./net_unittests)
==82534==    by 0x209466: net::CertVerifier::Request::DoVerify() (in ./net_unittests)
==82534==    by 0x209041: void DispatchToMethod<net::CertVerifier::Request, void (net::CertVerifier::Request::*)()>(net::CertVerifier::Request*, void (net::CertVerifier::Request::*)(), Tuple0 const&) (in ./net_unittests)
==82534==    by 0x20907C: RunnableMethod<net::CertVerifier::Request, void (net::CertVerifier::Request::*)(), Tuple0>::Run() (in ./net_unittests)
==82534==    by 0x382819: -[TaskOperation main] (in ./net_unittests)
==82534==    by 0x2CEB7F3: -[NSOperation start] (in /System/Library/Frameworks/Foundation.framework/Versions/C/Foundation)

The leak is inside Apple's Security::KeychainCore::Trust::evaluate(), which is
called by SecTrustEvaluate(), which is called by us. Fortunately, that
particular code is open source so we can see what's going on:

http://opensource.apple.com/source/libsecurity_keychain/libsecurity_keychain-...

After a little stepping through the assembly, I found that the line that's
leaking is:

if (mAnchors) {
	allowedAnchors = CFArrayCreateMutableCopy(NULL, 0, mAnchors);
}

mAnchors is non-NULL when you precede your call to SecTrustEvaluate() with a
call to SecTrustSetAnchorCertificates(), which we do, but that code path is only
followed in the unit tests (it's how the unit test root CA certificate becomes
trusted). Running outside the context of unit tests, we don't call
SecTrustSetAnchorCertificates(), and the leaking line of code is never executed.
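
An added example (not part of the review thread, and not the suppression that was committed): a simplified Python model of how a Memcheck suppression's `fun:` frames are matched against the stack above, showing why an entry for this leak should include the `Trust::evaluate` and `SecTrustEvaluate` frames rather than stop at `CFArrayCreateMutableCopy`. The mangled C++ names, the second stack, `hypothetical_app_function` and the entry name `bug_20459` are constructed for illustration.

```python
from fnmatch import fnmatchcase

# Innermost-first frames of the leak reported above, as the mangled names
# Memcheck matches on (C++ manglings constructed from the demangled output).
LEAK_STACK = [
    "malloc_zone_malloc", "_CFRuntimeCreateInstance", "__CFArrayInit",
    "CFArrayCreateMutableCopy",
    "_ZN8Security12KeychainCore5Trust8evaluateEv",
    "SecTrustEvaluate",
    "_ZNK3net15X509Certificate6VerifyERKSsiPNS_16CertVerifyResultE",
    "_ZN3net12CertVerifier7Request8DoVerifyEv",
]
# Constructed: a different leak of a copied CFArray, caused by our own code.
OTHER_STACK = LEAK_STACK[:4] + ["hypothetical_app_function", "main"]

# Scoped to the SecTrustEvaluate path described in the review.
NARROW = LEAK_STACK[:6] + ["_ZNK3net15X509Certificate6VerifyE*"]
# Over-broad: any leak whose stack contains CFArrayCreateMutableCopy.
BROAD = ["...", "CFArrayCreateMutableCopy"]


def matches(patterns, stack):
    """Simplified model of Memcheck frame matching: each pattern is a glob
    tested against successive frames starting at the innermost one, '...'
    matches zero or more frames, and frames past the last pattern are ignored."""
    def go(pi, si):
        if pi == len(patterns):
            return True
        if patterns[pi] == "...":
            return any(go(pi + 1, k) for k in range(si, len(stack) + 1))
        if si == len(stack):
            return False
        return fnmatchcase(stack[si], patterns[pi]) and go(pi + 1, si + 1)
    return go(0, 0)


def render(name, patterns):
    """Format the patterns as a suppressions-file entry for Memcheck leaks."""
    frames = ["   " + (p if p == "..." else "fun:" + p) for p in patterns]
    return "\n".join(["{", "   " + name, "   Memcheck:Leak"] + frames + ["}"])


if __name__ == "__main__":
    print(render("bug_20459", NARROW))
    for label, supp in (("narrow", NARROW), ("broad", BROAD)):
        print(label, matches(supp, LEAK_STACK), matches(supp, OTHER_STACK))
```

The narrow entry hides only the leak inside Apple's trust evaluation, while the broad one would also hide the constructed leak in application code.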
