Dear Nicolas, Thanks for reporting, the attached patch fixes it. Also in Git as dad0746a..302d3811.
Happy hacking! Christian On 1/11/19 4:11 PM, Nicolas Mora wrote: > Hello, > > While testing memory leaks in my code with valgrind, I found the > following problem, but I'm not sure if it comes from MHD or GnuTLS, or > even my use of libmicrohttpd. > > I use libmicrohttpd 0.9.62 and GnuTLS 3.6.5 on Debian. > > When you execute MHD_start_daemon with TLS support but use bad > certificates, the function MHD_start_daemon returns NULL, which is > expected, but seems to leak data. > Although, with the same code but with a valid certificate, there is no > memory leak. > > Valgrind reports the following problem: > ==7543== 6,336 (168 direct, 6,168 indirect) bytes in 1 blocks are > definitely lost in loss record 3 of 3 > ==7543== at 0x4837B65: calloc (vg_replace_malloc.c:752) > ==7543== by 0x4A92966: gnutls_certificate_allocate_credentials (in > /usr/lib/x86_64-linux-gnu/libgnutls.so.30.23.0) > ==7543== by 0x4864BCB: MHD_TLS_init (daemon.c:602) > ==7543== by 0x4864BCB: MHD_start_daemon_va (daemon.c:6165) > ==7543== by 0x486538A: MHD_start_daemon (daemon.c:4674) > ==7543== by 0x10932B: main (minimal_example.c:133) > > I have attached a modified minimal_example.c to show the problem. > > /Nicolas
diff --git a/src/microhttpd/daemon.c b/src/microhttpd/daemon.c
index 4fc5b1b6..ab75273b 100644
--- a/src/microhttpd/daemon.c
+++ b/src/microhttpd/daemon.c
@@ -6375,7 +6375,13 @@ thread_failed:
#endif
#ifdef HTTPS_SUPPORT
if (0 != (*pflags & MHD_USE_TLS))
+ {
gnutls_priority_deinit (daemon->priority_cache);
+ if (daemon->x509_cred)
+ gnutls_certificate_free_credentials (daemon->x509_cred);
+ if (daemon->psk_cred)
+ gnutls_psk_free_server_credentials (daemon->psk_cred);
+ }
#endif /* HTTPS_SUPPORT */
if (MHD_ITC_IS_VALID_(daemon->itc))
MHD_itc_destroy_chk_ (daemon->itc);
signature.asc
Description: OpenPGP digital signature
