Memory leak inside of SecTrustSettingsCopyCertificates
| Originator: | pablo.marcos.oltra | ||
| Number: | rdar://38232046 | Date Originated: | 2018-03-07 |
| Status: | Duplicate of 36861460, Closed | Resolved: | Yes |
| Product: | macOS + SDK | Product Version: | 10.13.3, 10.13.4 |
| Classification: | Memory leak | Reproducible: | Yes |
SecTrustSettingsCopyCertificates seems to have a memory leak inside that is reported when using clang's address sanitizer (a.k.a ASAN). Apple's provided clang does not support the memory sanitizer in 10.13.3, so I installed clang6 using brew. Instruments also reports it as a memory leak.
Steps to Reproduce:
Compile with `-fsanitize=address -framework CoreFoundation -framework Security` flags and run with `ASAN_OPTIONS=detect_leaks=1` environment variable.
void ssl_leak() {
for (int dom = kSecTrustSettingsDomainUser; dom <= int(kSecTrustSettingsDomainSystem); dom++) {
CFArrayRef cfCerts;
OSStatus status = SecTrustSettingsCopyCertificates(SecTrustSettingsDomain(dom), &cfCerts);
CFRelease(cfCerts);
}
}
Calling `SecTrustSettingsCopyCertificates` with `kSecTrustSettingsDomainSystem` as the first parameter is the one that generates the biggest leak (~1322342 bytes per call).
Expected Results:
No memory leaks
Actual Results:
Calling ssl_leak once:
SUMMARY: AddressSanitizer: 1322606 byte(s) leaked in 5179 allocation(s).
Calling ssl_leak 1000 times without ASAN:
https://snag.gy/YCzkXG.jpg
Version/Build:
macOS 10.13.3 and 10.13.4
Comments
Please note: Reports posted here will not necessarily be seen by Apple. All problems should be submitted at bugreport.apple.com before they are posted here. Please only post information for Radars that you have filed yourself, and please do not include Apple confidential information in your posts. Thank you!