Skip to content

[release/7.0-staging] Fix native leak in CryptoNative_GetX509nameInfo #100794

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
github-actions wants to merge 1 commit into from
Closed

[release/7.0-staging] Fix native leak in CryptoNative_GetX509nameInfo #100794

github-actions wants to merge 1 commit into from

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Apr 8, 2024
edited by vcsjones
Loading

Backport of #100780 to release/7.0-staging

/cc @vcsjones

Customer Impact

  • Customer reported
  • Found internally

Reported by a customer in #99933. Customers using the X509Certificate2.GetNameInfo API on Linux may leak native memory which is never freed, leading to resource starvation.

Regression

  • Yes
  • No

Testing

The fix was tested by observing the memory usage of the affected API in a loop and seeing that native resources were being freed appropriately.

Risk

Low. The fix is to use the correct API to free the native resource, and the correct API is used elsewhere in the native shim, so its behavior is understood.

@vcsjones
The implementation was previously only freeing the STACK_OF, but not …
3bd482b 
…the contents of the stack. This change fixes not freeing the individual GENERAL_NAME items.
@ghost ghost added the area-System.Security label Apr 8, 2024
@dotnet-policy-service
Copy link
Contributor

dotnet-policy-service bot commented Apr 8, 2024

Tagging subscribers to this area: @dotnet/area-system-security, @bartonjs, @vcsjones
See info in area-owners.md if you want to be subscribed.

This was referenced Apr 9, 2024
Closed
Closed
@bartonjs bartonjs added the Servicing-consider Issue for next servicing release review label Apr 10, 2024
@leecow leecow added Servicing-rejected and removed Servicing-consider Issue for next servicing release review labels Apr 11, 2024
@vcsjones
Copy link
Member

vcsjones commented Apr 12, 2024

I am guessing this missed the last serving release for .NET 7 given its rejection. Closing.

@vcsjones vcsjones closed this Apr 12, 2024
@jkotas jkotas deleted the backport/pr-100780-to-release/7.0-staging branch April 17, 2024 01:28
@github-actions github-actions bot locked and limited conversation to collaborators May 17, 2024
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Reviewers

@bartonjs bartonjs bartonjs approved these changes

Assignees

No one assigned

Labels

area-System.Security Servicing-rejected

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@vcsjones @bartonjs @leecow