The source project of this merge request has been removed.
Fix memleak in 'iov_store_grow'
This patch is related to issue #1017 (closed) and fixes a bug in iov_store_grow()
to avoid a memory leak for use with Samba and AES-CCM
cipher.
Under certain conditions memory is not freed after use, as the allocated
flag is unset. In use with Samba, this can lead to a DoS attack, as copying a sufficiently large amount of data would allocate the whole memory of the server and letting the process die. As far as I could test, this patch allows the memory to be freed up again, having a stable memory consumption when using gnutls_aead_cipher_decryptv2()
.
Checklist
-
Commits have Signed-off-by:
with name/author being identical to the commit author -
Code modified for feature -
Test suite updated with functionality tests -
Test suite updated with negative tests -
Documentation updated / NEWS entry present (for non-trivial changes) -
CI timeout is 2h or higher (see Settings/CICD/General pipelines/Timeout)
Reviewer's checklist:
-
Any issues marked for closing are addressed -
There is a test suite reasonably covering new functionality or modifications -
Function naming, parameters, return values, types, etc., are consistent and according to CONTRIBUTION.md
-
This feature/change has adequate documentation added -
No obvious mistakes in the code
Edited by Alexander Haase