Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[release/8.0-staging] Fix native leak in CryptoNative_GetX509nameInfo #100793

Merged
merged 1 commit into from
Apr 12, 2024
Merged

[release/8.0-staging] Fix native leak in CryptoNative_GetX509nameInfo #100793

merged 1 commit into from
Apr 12, 2024

Conversation

github-actions[bot]
Copy link
Contributor

@github-actions github-actions bot commented Apr 8, 2024
edited by vcsjones
Loading

Backport of #100780 to release/8.0-staging

/cc @vcsjones

Customer Impact

  • Customer reported
  • Found internally

Reported by a customer in #99933. Customers using the X509Certificate2.GetNameInfo API on Linux may leak native memory which is never freed, leading to resource starvation.

Regression

  • Yes
  • No

Testing

The fix was tested by observing the memory usage of the affected API in a loop and seeing that native resources were being freed appropriately.

Risk

Low. The fix is to use the correct API to free the native resource, and the correct API is used elsewhere in the native shim, so its behavior is understood.

@vcsjones
The implementation was previously only freeing the STACK_OF, but not …
f8922ea 
…the contents of the stack. This change fixes not freeing the individual GENERAL_NAME items.
@dotnet-policy-service Dotnet Policy Service
Copy link
Contributor

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

@build-analysis build-analysis bot mentioned this pull request Apr 9, 2024
Open
3 tasks
@bartonjs bartonjs added the Servicing-consider Issue for next servicing release review label Apr 10, 2024
@leecow leecow added Servicing-approved Approved for servicing release and removed Servicing-consider Issue for next servicing release review labels Apr 11, 2024
@leecow leecow added this to the 8.0.5 milestone Apr 11, 2024
@bartonjs bartonjs merged commit 9b82dcc into release/8.0-staging Apr 12, 2024
118 of 124 checks passed
@bartonjs bartonjs deleted the backport/pr-100780-to-release/8.0-staging branch April 12, 2024 17:05
@github-actions github-actions bot locked and limited conversation to collaborators May 13, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Reviewers

@bartonjs bartonjs bartonjs approved these changes

Assignees
No one assigned
Labels
area-System.Security Servicing-approved Approved for servicing release
Projects
None yet
Milestone
8.0.5
Development

Successfully merging this pull request may close these issues.
3 participants
@bartonjs @leecow @vcsjones