Open Radar

 
Summary:
When called from a bundled executable (e.g. from a Cocoa app), SecCodeCopySigningInformation() will leak 3 objects for each call when the kSecCSContentInformation flag is passed.
I have created a sample project that demonstrates this.

Since we are using this information to verify the integrity of the peer end for IPC communication, this may end up producing quite a noticeable number of leaks over the runtime of our app (which in fact is a bundled launchd job that is always running in the background).


Steps to Reproduce:
Build and run the „yambaapp“ target of the attached sample project. Notice how memory usage goes up.
Now build and profile the „yambaapp“ target -> Instruments will show the continuously growing leaks.
For each call to SecCodeCopySigningInformation(kSecCSContentInformation), an NSArray, a NSURL and a NSCFString object is leaked. All three object together occupy 288 bytes (according to Instruments) for each call to  SecCodeCopySigningInformation(kSecCSContentInformation)

Expected Results:
SecCodeCopySigningInformation(kSecCSContentInformation) should not leak any memory as long as the output dictionary is correctly released.

Actual Results:
Leaks as described above even though the output dictionary is released correctly.

Regression:
The same call, when done from a standalone tool does not leak any memory. Build and run the „yamba“ tool in the attached process to see this.