Memory leak when using ssh_connect() from libssh

96 views Asked by At

Output Valgrind (valgrind --leak-check=full ./script):

Valgrind Output with memorytestssh() not being in a loop:
==43309==
==43309== HEAP SUMMARY:
==43309==     in use at exit: 512 bytes in 8 blocks
==43309==   total heap usage: 451 allocs, 443 frees, 104,640 bytes allocated
==43309==
==43309== 512 (80 direct, 432 indirect) bytes in 1 blocks are definitely lost in loss record 8 of 8
==43309==    at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==43309==    by 0x4C4FC0D: CRYPTO_zalloc (in /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1)
==43309==    by 0x4C49023: ??? (in /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1)
==43309==    by 0x486E38F: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x486E70C: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x487D9C7: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x487E0EB: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x4888197: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x48845B2: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x48855EF: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x48856BA: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==    by 0x486B39F: ssh_connect (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==43309==
==43309== LEAK SUMMARY:
==43309==    definitely lost: 80 bytes in 1 blocks
==43309==    indirectly lost: 432 bytes in 7 blocks
==43309==      possibly lost: 0 bytes in 0 blocks
==43309==    still reachable: 0 bytes in 0 blocks
==43309==         suppressed: 0 bytes in 0 blocks
==43309==
==43309== For lists of detected and suppressed errors, rerun with: -s
==43309== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

Valgrind Output with memorytestssh() being in a loop:
==55457==
==55457== HEAP SUMMARY:
==55457==     in use at exit: 10,240 bytes in 160 blocks
==55457==   total heap usage: 7,177 allocs, 7,017 frees, 1,743,370 bytes allocated
==55457==
==55457== 10,240 (1,600 direct, 8,640 indirect) bytes in 20 blocks are definitely lost in loss record 8 of 8
==55457==    at 0x483B7F3: malloc (in /usr/lib/x86_64-linux-gnu/valgrind/vgpreload_memcheck-amd64-linux.so)
==55457==    by 0x4C4FC0D: CRYPTO_zalloc (in /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1)
==55457==    by 0x4C49023: ??? (in /usr/lib/x86_64-linux-gnu/libcrypto.so.1.1)
==55457==    by 0x486E38F: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x486E70C: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x487D9C7: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x487E0EB: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x4888197: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x48845B2: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x48855EF: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x48856BA: ??? (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==    by 0x486B39F: ssh_connect (in /usr/lib/x86_64-linux-gnu/libssh.so.4.8.4)
==55457==
==55457== LEAK SUMMARY:
==55457==    definitely lost: 1,600 bytes in 20 blocks
==55457==    indirectly lost: 8,640 bytes in 140 blocks
==55457==      possibly lost: 0 bytes in 0 blocks
==55457==    still reachable: 0 bytes in 0 blocks
==55457==         suppressed: 0 bytes in 0 blocks
==55457==
==55457== ERROR SUMMARY: 1 errors from 1 contexts (suppressed: 0 from 0)

A sample function which triggers the memory leak

#include <stdio.h>
#include <string.h>
#include <libssh/libssh.h>

void memorytestssh()
{
    char * username, * password;
    ssh_session session = ssh_new();
    if (session == NULL)
    {
        printf("cant alloc\n");
        return;
    }
    
    int port = 22;

    char * serversss = "1.1.1.1";
    char * test = "root:somepassword";
    char userpassword[256];
    strcpy(userpassword, test);
    char * save_ptr;

    username = strtok_r(userpassword, ":", &save_ptr); // actual project is multithreaded (using libpthread) thats why i use strtok_r
    password = strtok_r(NULL, ":", &save_ptr);

    ssh_options_set(session, SSH_OPTIONS_HOST, serversss);
    ssh_options_set(session, SSH_OPTIONS_USER, username);
    ssh_options_set(session, SSH_OPTIONS_PORT, &port);

    if(ssh_connect(session) != SSH_OK)
    {
        printf("cant connec\n");
        ssh_free(session);
        return;
    }
    printf("connected\n");
    if (ssh_userauth_password(session, NULL, password) != SSH_AUTH_SUCCESS)
    {
        printf("auth not work\n");
        ssh_disconnect(session);
        ssh_free(session);
        return;
    }
    
    //print oh yes worked
    ssh_disconnect(session);
    ssh_free(session);
}

int main(void)
{
    for (size_t i = 0; i < 20; i++)
    {
        printf("ran %ld time/s\n", i + 1);
        memorytestssh();
    }
}

For the memory leak to happen ssh_connect() needs to return SSH_OK / it has to be able to connect to a device with the tcp port 22 open.

This is a function i quickly wrote to demonstrate which causes the problem, i really dont know what i am doing wrong. Ive read the documentation multiple times and can't find the reason this would leak memory. Already tried with on other versions as well, its leaking memory everytime.

I tried upgrading / downgrading libssh. I am just clueless

0

There are 0 answers