[xmlsec] Memory leak ( Verify Signature using Invalid Transform type)
Alexwell Sandro
alexwellll at gmail.com
Fri Aug 30 11:30:26 PDT 2013
I create enveloping signature of binary file:
...
<ds:Reference Id="myId" URI="#*ObjectId*">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64"/>
</ds:Transforms>
...
<ds:Object Id="*ObjectId*">ghimBgkq</ds:Object>
...
*I edited the file placing a transform (invalid to binary):*
...
<ds:Reference Id="myId" URI="#*ObjectId*">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#base64"/>
*<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>*
</ds:Transforms>
...
<ds:Object Id="*ObjectId*">ghimBgkq</ds:Object>
...
When verify occurs memory leak.
Is related to (at *transforms.c* line 2807)
*buffer =
(xmlSecTransformIOBufferPtr)xmlMalloc(sizeof(xmlSecTransformIOBuffer));*
(at *c14n.c* line 277).
...
*ret = xmlOutputBufferClose(buf);*
...
ret contains the value (-1)
Is memory leak, or some error in my build?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://www.aleksey.com/pipermail/xmlsec/attachments/20130830/e74db457/attachment.html>
More information about the xmlsec
mailing list