Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Per-call memory growth with derive_private_key #4095

Closed
bfxtsales opened this issue Feb 4, 2018 · 3 comments · Fixed by #4096
Closed

Per-call memory growth with derive_private_key #4095

bfxtsales opened this issue Feb 4, 2018 · 3 comments · Fixed by #4096

Comments

@bfxtsales
Copy link

Would unbounded memory growth with repeated calls to derive_private_key be expected behavior, or am I doing something wrong or unsupported? Behavior is the same across Ubuntu and Mac and multiple python versions, all with Cryptography 2.1.4, as noted below.

This snippet experiences memory growth with each call to derive_private_key (with or without the "del sk" line). I tried some python profilers but can't track it down.

from cryptography.hazmat.primitives.asymmetric.ec import SECP256K1, derive_private_key
from cryptography.hazmat.backends import default_backend
DEFAULT_BACKEND = default_backend()
SECP256K1 = SECP256K1()
for i in range(0,10000000):
	sk = derive_private_key(1, SECP256K1, DEFAULT_BACKEND)
	del sk

Platforms
Linux ubuntu 4.13.0-32-generic #35-Ubuntu SMP Thu Jan 25 09:13:46 UTC 2018 x86_64 x86_64 x86_64 GNU/Linux
Python 2.7.14 (default, Sep 23 2017, 22:06:14) [GCC 7.2.0] on linux2
Python 3.6.3 (default, Oct 3 2017, 21:45:48) [GCC 7.2.0] on linux
Cryptography 2.1.4
OpenSSL 1.0.2g 1 Mar 2016

macOS 10.12.6 (16G1114) Darwin 16.7.0
Python 2.7.10 (default, Feb 7 2017, 00:08:15) [GCC 4.2.1 Compatible Apple LLVM 8.0.0 (clang-800.0.34)] on darwin
Python 3.6.3 (default, Oct 4 2017, 06:09:15) [GCC 4.2.1 Compatible Apple LLVM 9.0.0 (clang-900.0.37)] on darwin
Cryptography 2.1.4
OpenSSL 1.0.2n 7 Dec 2017

Thank you.
reaperhulk added a commit to reaperhulk/cryptography that referenced this issue Feb 4, 2018
@reaperhulk
fix a memory leak in ec derive_private_key
56b420c 
fixes pyca#4095
@reaperhulk
Copy link
Member

Thank you for the report, this is a memory leak. When calling EC_KEY_set_private_key the code erroneously assumed the BN * holding the private scalar had ownership taken by the EC_KEY, but in reality it is duped. This results in a memory leak of a BN * holding the private scalar on every invocation of derive_private_key.

@reaperhulk reaperhulk mentioned this issue Feb 4, 2018
Merged
@alex alex closed this as completed in #4096 Feb 4, 2018
alex pushed a commit that referenced this issue Feb 4, 2018
@reaperhulk @alex
fix a memory leak in ec derive_private_key (#4096)
1fdf29e 
* fix a memory leak in ec derive_private_key

fixes #4095

* pep8!
@bfxtsales
Copy link
Author

bfxtsales commented Feb 4, 2018 via email

@reaperhulk
Copy link
Member

@bfxtsales Until we do a release you'll need to clone this repo and install from source. You can do that with git clone https://github.com/pyca/cryptography && cd cryptography && pip install . on Linux. On macOS you'll need to also supply CFLAGS/LDFLAGS containing the paths to the OpenSSL you want to compile against (see: https://cryptography.io/en/latest/installation/)

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Aug 4, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix a memory leak in ec derive_private_key reaperhulk/cryptography
3 participants
@reaperhulk @bfxtsales and others