weidai11 / cryptopp

free C++ class library of cryptographic schemes
https://cryptopp.com

Memory leak in signature verification #1258

Open zzandyc opened 5 months ago

zzandyc commented 5 months ago

I use the following code for signature verification, and it seems that there is a memory leak that occurred in the function RSA_VerifyStr, inside the StringSource. I don't know what caused it; I hope to receive a response. The cryptopp version is 8.6.0, the operating system is win10, and the IDE is vs2022.

```cpp
#include <string>

#include <cryptopp/rsa.h>
#include <cryptopp/randpool.h>
#include <cryptopp/osrng.h>
#include <cryptopp/files.h>
#include <cryptopp/base64.h>
#include <cryptopp/aes.h>
#include <cryptopp/hex.h>
#include <cryptopp/modes.h>
#include <cryptopp/sha.h>

using namespace CryptoPP;

// Returns the hex-encoded SHA-256 digest of plainText.
std::string SHA256EncodeStr(const std::string& plainText)
{
    SHA256 sha256;
    std::string hash;
    StringSource ss(plainText, true, new HashFilter(sha256, new HexEncoder(new StringSink(hash))));
    return hash;
}

// Verifies a hex-encoded RSASS<PKCS1v15, SHA1> signature over message
// using a hex-encoded public key.
bool RSA_VerifyStr(const std::string& pubStr, const std::string& message, const std::string& signatureStr)
{
    StringSource pub(pubStr.c_str(), true, new HexDecoder);
    RSASS<PKCS1v15, SHA1>::Verifier pubVerifier(pub);

    StringSource signatureSrc(signatureStr.c_str(), true, new HexDecoder);
    if (signatureSrc.MaxRetrievable() != pubVerifier.SignatureLength())
        return false;

    SecByteBlock signature(pubVerifier.SignatureLength());
    signatureSrc.Get(signature, signature.size());

    // With the default flags the filter expects the signature first, then the message.
    SignatureVerificationFilter* verifierFilter = new SignatureVerificationFilter(pubVerifier);
    verifierFilter->Put(signature, pubVerifier.SignatureLength());
    // The StringSource takes ownership of the attached filter and deletes it in its destructor.
    StringSource s((byte*)message.c_str(), message.length(), true, verifierFilter);

    return verifierFilter->GetLastResult();
}

int main()
{
    std::string pubKeyStr = "30819D300D06092A864886F70D010101050003818B00308187028181009CE8D41CF3B62F8CDBA9B020D9D4A4CFEE9CDF0A49FBA990D2EFD1160649197D206B3D47AC52B6B982E3936EDCCFC850EFF5FEF32B7E7DBB0C017B56CF0FD4FC20ECF8DD58D232569CFAD1AF25DE1CCAABDD85153B572B96A241C49D6E6DBBFC19DB1CEE444488606D6CE0A27E214408FCF727923AEB641E0EF922368582001B020111";
    std::string signature = "06B32FEF7F4A5EB12F809F641A7E8F84465401CD212B6B775BA658855C0CD8B417D54D3FDC8DD64FDDD2B04C14A94B5C37EC5C8A2748F97332EF251C02D2958CC88CA3E4A144DD04F609B0BD08043B6FD90E9C369214C84F24A374883CDF836B11156378EF05E9C1E8677090EFD6362A006B4ADD29F1CDDF9D26FFD621D2A7EB";
    std::string jsonStr = "{\"validFrom\":1703001600,\"validTo\":1734624000,\"cpuId\":\"BFEBFBFF000A0652\"}";

    // The verified message is the hex SHA-256 digest of the JSON string.
    if (!RSA_VerifyStr(pubKeyStr, SHA256EncodeStr(jsonStr), signature))
        return -1;

    return 0;
}
```

dangdkhanh commented 5 months ago

Same problem.

xamelllion commented 1 month ago

Valgrind shows that there is some still reachable block of memory, but it doesn't look like some big problem.

```
==109758== Memcheck, a memory error detector
==109758== Copyright (C) 2002-2022, and GNU GPL'd, by Julian Seward et al.
==109758== Using Valgrind-3.21.0 and LibVEX; rerun with -h for copyright info
==109758== Command: ./a.out
==109758== 
==109758== 
==109758== HEAP SUMMARY:
==109758==     in use at exit: 8 bytes in 1 blocks
==109758==   total heap usage: 161 allocs, 160 frees, 92,881 bytes allocated
==109758== 
==109758== LEAK SUMMARY:
==109758==    definitely lost: 0 bytes in 0 blocks
==109758==    indirectly lost: 0 bytes in 0 blocks
==109758==      possibly lost: 0 bytes in 0 blocks
==109758==    still reachable: 8 bytes in 1 blocks
==109758==         suppressed: 0 bytes in 0 blocks
==109758== Reachable blocks (those to which a pointer was found) are not shown.
==109758== To see them, rerun with: --leak-check=full --show-leak-kinds=all
==109758== 
==109758== For lists of detected and suppressed errors, rerun with: -s
==109758== ERROR SUMMARY: 0 errors from 0 contexts (suppressed: 0 from 0)
```

zzandyc commented 3 weeks ago

But if this code is run in a thread loop, the memory leak is a big problem.
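
An added example, not part of the original thread and not Crypto++ code: a single Valgrind run shows what is left at exit, while the loop concern above turns on whether live allocations scale with the number of calls. The harness below counts live `operator new` blocks across repeated calls of a function, after warm-up calls have absorbed one-time allocations. The three functions under test are constructed stand-ins with hypothetical names, and allocations made directly through `malloc` or an aligned allocator are not counted.

```cpp
#include <atomic>
#include <cstdio>
#include <cstdlib>
#include <new>

// Blocks currently allocated through the global operator new.
static std::atomic<long> g_live{0};
static void* volatile g_sink;  // keeps the optimizer from eliding allocations

void* operator new(std::size_t n) {
    void* p = std::malloc(n ? n : 1);
    if (!p) throw std::bad_alloc();
    ++g_live;
    return p;
}
void operator delete(void* p) noexcept {
    if (p) { --g_live; std::free(p); }
}
void operator delete(void* p, std::size_t) noexcept { operator delete(p); }

// Net change in live blocks over `iters` calls, measured after `warmup`
// calls. A result that scales with `iters` is growth; a constant left
// over from the first call is a one-time allocation.
template <class F>
long live_blocks_delta(F fn, int warmup, int iters) {
    for (int i = 0; i < warmup; ++i) fn();
    const long before = g_live.load();
    for (int i = 0; i < iters; ++i) fn();
    return g_live.load() - before;
}

// Constructed stand-ins for the function under test (hypothetical names).
struct Node { Node* next; };
Node* g_chain = nullptr;

void one_time_init() {    // allocates once; the pointer stays reachable
    static long* table = new long(42);
    g_sink = table;
}
void grows_each_call() {  // still reachable at exit, but one more block per call
    g_chain = new Node{g_chain};
}
void balanced() {         // every allocation is released before returning
    long* p = new long(1);
    g_sink = p;
    delete p;
}
```

To measure the function from the issue, pass a lambda that calls `RSA_VerifyStr` with fixed inputs in place of the stand-ins and compare the result for two different `iters` values.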