2. 질의 응답
  3. Poco Cipher leak

Poco Cipher leak

2017-03-28 6 views
0

나는 미쳐 가고 대답없이 봤는데 여기서 글을 쓰려고한다. 우분투 16.04, GCC 5.4.0, Poco 1.7.8-all 및 OpenSSL 1.1.0e가 있습니다.Poco Cipher leak

및 이러한 코드 몇 줄 :

내가 Valgrind의를 실행하면 나는이 오류가 발생했습니다 
int main() 
{ 
    const std::string AES_NAME = "aes-128-cbc"; 
    Cipher::Ptr uptrCipher = CipherFactory::defaultFactory().createCipher(CipherKey(AES_NAME, "abcdef", "123456")); 
    std::string plainText = "This is my secret information"; 
    std::string encrypted = uptrCipher->encryptString(plainText, Cipher::ENC_BASE64); 
    return 0; 
}

합니다 (lengh에 대해 사과의 나) : 바닥에서 마지막 문장을 다음

valgrind --leak-check=full ./CipherTest 
==32223== Memcheck, a memory error detector 
==32223== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. 
==32223== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info 
==32223== Command: ./CipherTest 
==32223== 
==32223== Invalid free()/delete/delete[]/realloc() 
==32223== at 0x4C2F24B: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x5A3F369: __cxa_finalize (cxa_finalize.c:56) 
==32223== by 0x687CAB2: ??? (in /usr/local/lib/libPocoFoundationd.so.48) 
==32223== by 0x4010C16: _dl_fini (dl-fini.c:235) 
==32223== by 0x5A3EFF7: __run_exit_handlers (exit.c:82) 
==32223== by 0x5A3F044: exit (exit.c:104) 
==32223== by 0x5A25836: (below main) (libc-start.c:325) 
==32223== Address 0x737a9d0 is 0 bytes inside a block of size 20 free'd 
==32223== at 0x4C2F24B: operator delete(void*) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x5A3F369: __cxa_finalize (cxa_finalize.c:56) 
==32223== by 0x4ED7542: ??? (in /usr/local/lib/libPocoFoundation.so.48) 
==32223== by 0x4010C16: _dl_fini (dl-fini.c:235) 
==32223== by 0x5A3EFF7: __run_exit_handlers (exit.c:82) 
==32223== by 0x5A3F044: exit (exit.c:104) 
==32223== by 0x5A25836: (below main) (libc-start.c:325) 
==32223== Block was alloc'd at 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x4F69C0C: ??? (in /usr/local/lib/libPocoFoundation.so.48) 
==32223== by 0x4ED7212: ??? (in /usr/local/lib/libPocoFoundation.so.48) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 
==32223== HEAP SUMMARY: 
==32223==  in use at exit: 73,124 bytes in 13 blocks 
==32223== total heap usage: 3,914 allocs, 3,912 frees, 256,412 bytes allocated 
==32223== 
==32223== 18 bytes in 1 blocks are definitely lost in loss record 1 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F40D: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:31) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 20 bytes in 1 blocks are definitely lost in loss record 2 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F165: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:23) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 20 bytes in 1 blocks are definitely lost in loss record 3 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F1BA: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:24) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 20 bytes in 1 blocks are definitely lost in loss record 4 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x6942982: __static_initialization_and_destruction_0(int, int) (URI.cpp:32) 
==32223== by 0x6942A63: _GLOBAL__sub_I_URI.cpp (URI.cpp:915) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 21 bytes in 1 blocks are definitely lost in loss record 5 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F3B8: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:30) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 25 bytes in 1 blocks are definitely lost in loss record 6 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F20F: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:25) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 25 bytes in 1 blocks are definitely lost in loss record 7 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F264: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:26) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 25 bytes in 1 blocks are definitely lost in loss record 8 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F2B9: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:27) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 25 bytes in 1 blocks are definitely lost in loss record 9 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F30E: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:28) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 25 bytes in 1 blocks are definitely lost in loss record 10 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x688F363: __static_initialization_and_destruction_0(int, int) (DateTimeFormat.cpp:29) 
==32223== by 0x688FB4D: _GLOBAL__sub_I_DateTimeFormat.cpp (DateTimeFormat.cpp:63) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 28 bytes in 1 blocks are definitely lost in loss record 11 of 13 
==32223== at 0x4C2E0EF: operator new(unsigned long) (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x558EAEC: void std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::_M_construct<char const*>(char const*, char const*, std::forward_iterator_tag) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x558EC4B: std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >::basic_string(char const*, std::allocator<char> const&) (in /usr/lib/x86_64-linux-gnu/libstdc++.so.6.0.21) 
==32223== by 0x6918141: __static_initialization_and_destruction_0(int, int) (RotateStrategy.cpp:47) 
==32223== by 0x69181B7: _GLOBAL__sub_I_RotateStrategy.cpp (RotateStrategy.cpp:115) 
==32223== by 0x40104E9: call_init.part.0 (dl-init.c:72) 
==32223== by 0x40105FA: call_init (dl-init.c:30) 
==32223== by 0x40105FA: _dl_init (dl-init.c:120) 
==32223== by 0x4000CF9: ??? (in /lib/x86_64-linux-gnu/ld-2.23.so) 
==32223== 
==32223== 168 bytes in 1 blocks are definitely lost in loss record 12 of 13 
==32223== at 0x4C2DB8F: malloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so) 
==32223== by 0x7038D9D: CRYPTO_zalloc (in /usr/local/lib/libcrypto.so.1.1) 
==32223== by 0x5253907: Poco::Crypto::(anonymous namespace)::CryptoTransformImpl::CryptoTransformImpl(evp_cipher_st const*, std::vector<unsigned char, std::allocator<unsigned char> > const&, std::vector<unsigned char, std::allocator<unsigned char> > const&, Poco::Crypto::(anonymous namespace)::CryptoTransformImpl::Direction) (CipherImpl.cpp:100) 
==32223== by 0x5253E6F: Poco::Crypto::CipherImpl::createEncryptor() (CipherImpl.cpp:218) 
==32223== by 0x5252ACA: Poco::Crypto::Cipher::encrypt(std::istream&, std::ostream&, Poco::Crypto::Cipher::Encoding) (Cipher.cpp:67) 
==32223== by 0x52528BB: Poco::Crypto::Cipher::encryptString(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, Poco::Crypto::Cipher::Encoding) (Cipher.cpp:49) 
==32223== by 0x4010FA: main (main.cpp:37) 
==32223== 
==32223== LEAK SUMMARY: 
==32223== definitely lost: 420 bytes in 12 blocks 
==32223== indirectly lost: 0 bytes in 0 blocks 
==32223==  possibly lost: 0 bytes in 0 blocks 
==32223== still reachable: 72,704 bytes in 1 blocks 
==32223==   suppressed: 0 bytes in 0 blocks 
==32223== Reachable blocks (those to which a pointer was found) are not shown. 
==32223== To see them, rerun with: --leak-check=full --show-leak-kinds=all 
==32223== 
==32223== For counts of detected and suppressed errors, rerun with: -v 
==32223== ERROR SUMMARY: 23 errors from 13 contexts (suppressed: 0 from 0)

, I 라인 # 100에서 Cipher.cpp 및 CipherImp.cpp에 갔다 나는 발견 :

#if OPENSSL_VERSION_NUMBER >= 0x10100000L 
     _pContext = EVP_CIPHER_CTX_new();

그것은 내가 보인다 삭제되지 않았습니다 ... 잘 모르겠습니다. 그러나 나는 실수를 저질렀다고 확신한다.

누구든지이 오류를 만남? 어디에서 코드가 잘못 되었습니까?

Cristano

출처

2017-03-28 Chris

답변

0

내가 답을 발견 감사드립니다.

OpenSSL 1.1.0에서는 리소스를 확보하는 방법이 EVP_CIPHER_CTX_free (ctx) 인 것으로 보입니다.

나는 내 프로젝트에서 CipherImpl을 포함하고 distructor에 아래의 라인을 변경 :

CryptoTransformImpl::~CryptoTransformImpl() 
    { 
#if OPENSSL_VERSION_NUMBER >= 0x10100000L 
     //IT WAS: EVP_CIPHER_CTX_cleanup(_pContext); 
     EVP_CIPHER_CTX_free(_pContext); 

#else 
     EVP_CIPHER_CTX_cleanup(&_context); 
#endif 
    }

는 다시 Valgrind의 실행 :

valgrind --leak-check=full ./CipherTest 
==32869== Memcheck, a memory error detector 
==32869== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al. 
==32869== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info 
==32869== Command: ./CipherTest 
==32869== 
Sono nel costruttore con Openssl v.269484127 
==32869== 
==32869== HEAP SUMMARY: 
==32869==  in use at exit: 72,704 bytes in 1 blocks 
==32869== total heap usage: 3,893 allocs, 3,892 frees, 253,681 bytes allocated 
==32869== 
==32869== LEAK SUMMARY: 
==32869== definitely lost: 0 bytes in 0 blocks 
==32869== indirectly lost: 0 bytes in 0 blocks 
==32869==  possibly lost: 0 bytes in 0 blocks 
==32869== still reachable: 72,704 bytes in 1 blocks 
==32869==   suppressed: 0 bytes in 0 blocks 
==32869== Reachable blocks (those to which a pointer was found) are not shown. 
==32869== To see them, rerun with: --leak-check=full --show-leak-kinds=all 
==32869== 
==32869== For counts of detected and suppressed errors, rerun with: -v 
==32869== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)

출처

2017-03-28 10:20:28 Chris

 관련 문제

  • 관련 문제 없음^_^