[xmlsec] Memory leak when verifying xml
Luka Por
luka at zrcalo.si
Fri May 13 17:30:37 PDT 2005
I have a problem. I am using xmlsec 1.2.8 with mscrypto for signing/verifying
XML, and that works great.
But when I verify the same XML many times, Task Manager shows that memory grows
(leaks). My code looks like this:
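/**
 * Verify the XML digital signature found in an in-memory document, using the
 * X.509 certificate carried in the signature's own KeyInfo element.
 *
 * All resources are released through one cleanup path, so every exit frees
 * what was acquired up to that point. The original leaked the keys manager
 * when the certificate text was missing or failed to decode, and leaked the
 * decoded certificate buffer when the signature context could not be created.
 * Those are error paths only; no leak on the success path is visible in this
 * function.
 *
 * NOTE(review): the certificate used for verification is taken from the
 * document being verified and is also placed in the trusted store. A result of
 * 0 therefore shows the signature matches the embedded certificate, not that
 * the signer is one the application trusts. Callers that need authentication
 * should compare the certificate against a pinned one or validate its chain
 * against a trust anchor that does not come from the message.
 *
 * NOTE(review): the signed node and the Signature node are located
 * independently by name; nothing here checks that the signature's references
 * cover the node named by signedNodeName -- confirm against the callers'
 * requirements.
 *
 * @param xml            buffer holding the XML document
 * @param xmlLen         length of xml in bytes, must be >= 1
 * @param signedNodeName name of the signed element whose IDs are registered
 * @return 0 if the signature verified; -1 bad arguments; -2 parse failure or
 *         signed node not found; -3 no Signature; -4 no KeyInfo; -5 no
 *         X509Data; -6 no X509Certificate; -77 empty certificate text;
 *         -8 base64 decode failed; -7 signature context creation failed;
 *         -9 key load failed; -10 verification call failed; -11 signature
 *         invalid; -12 keys manager creation failed (new); -13 certificate
 *         store creation failed (new).
 */
int verify_xml(const char* xml, int xmlLen, const char *signedNodeName) {
    xmlDocPtr doc = NULL;
    xmlNodePtr node = NULL;
    xmlNodePtr keyInfo = NULL;
    xmlNodePtr x509Data = NULL;
    xmlNodePtr x509Certificate = NULL;
    xmlSecDSigCtxPtr dsigCtx = NULL;
    xmlSecKeysMngrPtr keyMngr = NULL;
    xmlChar *certEncode = NULL;
    tByte *certBin = NULL;
    int certBinLen = 0;
    HCERTSTORE hKeyStore = NULL;
    int rc = -1;

    if((xml == NULL) || (xmlLen < 1)) {
        return -1;
    }

    /* load doc from memory */
    doc = xmlParseMemory(xml, xmlLen);
    if((doc == NULL) || (xmlDocGetRootElement(doc) == NULL)) {
        rc = -2;
        goto cleanup;
    }

    /* find signed node and register its ID attributes */
    node = zrcXmlFindNode(xmlDocGetRootElement(doc), signedNodeName);
    if(node == NULL) {
        rc = -2;
        goto cleanup;
    }
    xmlSecAddIDs(doc, node, xmlSecEncIds);

    /* find the Signature node and walk down to the embedded certificate */
    node = zrcXmlFindNode(xmlDocGetRootElement(doc), xmlSecNodeSignature);
    if(node == NULL) {
        rc = -3;
        goto cleanup;
    }
    keyInfo = zrcXmlFindNode(node, xmlSecNodeKeyInfo);
    if(keyInfo == NULL) {
        rc = -4;
        goto cleanup;
    }
    x509Data = zrcXmlFindNode(keyInfo, xmlSecNodeX509Data);
    if(x509Data == NULL) {
        rc = -5;
        goto cleanup;
    }
    x509Certificate = zrcXmlFindNode(x509Data, xmlSecNodeX509Certificate);
    if(x509Certificate == NULL) {
        rc = -6;
        goto cleanup;
    }

    /* create the key mngr */
    keyMngr = xmlSecKeysMngrCreate();
    if(keyMngr == NULL) {
        rc = -12;
        goto cleanup;
    }

    /* base64 text of the certificate; owned by us, released with xmlFree */
    certEncode = xmlNodeListGetString(doc, x509Certificate->xmlChildrenNode, 0);
    if(certEncode == NULL) {
        rc = -77;
        goto cleanup;
    }

    certBinLen = B64_Decode(certEncode, &certBin);
    if(certBinLen <= 0) {
        /* B64_Decode's contract on failure is not visible here; the original
         * did not free certBin on this path, so it is not freed here either. */
        certBin = NULL;
        rc = -8;
        goto cleanup;
    }
    xmlFree(certEncode);
    certEncode = NULL;

    /* in-memory certificate store: no encoding type, default provider,
     * default flags, no parameter */
    hKeyStore = CertOpenStore(CERT_STORE_PROV_MEMORY, 0, 0, 0, NULL);
    if(hKeyStore == NULL) {
        rc = -13;
        goto cleanup;
    }

    /* add certificate; the encoding flags are combined with bitwise OR (the
     * original used logical ||, which collapses both flags to the value 1).
     * The result stays non-fatal as in the original, because verification
     * below uses signKey directly. */
    (void)CertAddEncodedCertificateToStore(hKeyStore,
            PKCS_7_ASN_ENCODING | X509_ASN_ENCODING,
            certBin, certBinLen, CERT_STORE_ADD_ALWAYS, NULL);

    /* add cert store to the mngr; result left non-fatal as in the original.
     * NOTE(review): confirm for the xmlsec version in use whether this call
     * succeeds on a manager that was only created (not initialised) and
     * whether the manager takes over closing the store -- if it does, the
     * CertCloseStore in cleanup would be a second close. */
    (void)xmlSecMSCryptoAppDefaultKeysMngrAdoptTrustedStore(keyMngr, hKeyStore);

    /* create signature context bound to the keys manager */
    dsigCtx = xmlSecDSigCtxCreate(keyMngr);
    if(dsigCtx == NULL) {
        rc = -7;
        goto cleanup;
    }

    /* load public key from the DER certificate; the context owns signKey and
     * releases it in xmlSecDSigCtxDestroy */
    dsigCtx->signKey = xmlSecCryptoAppKeyLoadMemory(certBin, certBinLen,
            xmlSecKeyDataFormatCertDer, NULL, NULL, NULL);
    if(dsigCtx->signKey == NULL) {
        rc = -9;
        goto cleanup;
    }
    free(certBin);
    certBin = NULL;

    /* Verify signature */
    if(xmlSecDSigCtxVerify(dsigCtx, node) < 0) {
        rc = -10;
        goto cleanup;
    }

    /* a non-negative return only means processing completed; the verdict is
     * in the context status */
    rc = (dsigCtx->status == xmlSecDSigStatusSucceeded) ? 0 : -11;

cleanup:
    if(certEncode != NULL) {
        xmlFree(certEncode);
    }
    free(certBin);
    if(dsigCtx != NULL) {
        xmlSecDSigCtxDestroy(dsigCtx);
    }
    if(doc != NULL) {
        xmlFreeDoc(doc);
    }
    if(keyMngr != NULL) {
        xmlSecKeysMngrDestroy(keyMngr);
    }
    if(hKeyStore != NULL) {
        CertCloseStore(hKeyStore, 0);
    }
    return rc;
}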
Program:
/* Outline of the calling program, as given by the poster (pseudo-code). */
Init()
SignXml(...)
/* verify_xml() runs repeatedly inside one process, so anything a call
 * allocates and does not release accumulates across iterations. */
while(1) {
verify_xml(..)
}
Done()
Any suggestions? Thanks in advance.
Luka Por