Uploaded image for project: 'Core Server'
  1. Core Server
  2. SERVER-17832

Memory leak when MongoD configured with SSL required and handle insecure connection

    XMLWordPrintableJSON

Details

    • Fully Compatible
    • ALL
    • Security 2 04/24/15

    Description

      Environment:
      db version v3.1.1-pre-
      git version: 5e7aa5c9efdea28cc82ff8d0ea0e3a76cf5c94f8
      OpenSSL version: OpenSSL 1.0.1m-fips 19 Mar 2015

      Scenario:
      Low bit corruption with SSL enabled

      Problem:

      1. Memory allocated in here
      • SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len);
      1. Memory has not been released during the error handler _handleSSLError()

      consider replacing the sslconnection w/ auto release pointer

       
      * socket, const char* initialBytes, int len) {
      		 
              SSLConnection* sslConn = new SSLConnection(_serverContext, socket, initialBytes, len);
      		 
              ScopeGuard sslGuard = MakeGuard(::SSL_free, sslConn->ssl);
      		 
              ScopeGuard bioGuard = MakeGuard(::BIO_free, sslConn->networkBIO);
      		 
       
              int ret;
      		 
              do {
      		 
                  ret = ::SSL_accept(sslConn->ssl);
      		 
              } while(!_doneWithSSLOp(sslConn, ret));
      		 
       
              if (ret != 1)
      		 
                  _handleSSLError(SSL_get_error(sslConn, ret), ret);
      		 
       
              sslGuard.Dismiss();
      		 
              bioGuard.Dismiss();

      Attachments

        Activity

          People

            robert.guo@mongodb.com Robert Guo (Inactive)
            eitan.klein Eitan Klein
            Votes:
            0 Vote for this issue
            Watchers:
            4 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: