
Reference leaks in _hashlib.hmac_new and _hashlib.hmac_digest #130151

Closed
picnixz opened this issue Feb 15, 2025 · 0 comments
picnixz commented Feb 15, 2025

Bug report

Bug description:

The following leaks:

```python
def test_leak1(self):
    import _hashlib
    self.assertRaises(TypeError, _hashlib.hmac_new, b"key", 1, "sha256")
```

The issue is in `_hashlib_hmac_new_impl`:

```c
    self = PyObject_New(HMACobject, type);
    ...
    if ((msg_obj != NULL) && (msg_obj != Py_None)) {
        if (!_hmac_update(self, msg_obj))
            goto error;
    }
    return (PyObject*)self;

error:
    if (ctx) HMAC_CTX_free(ctx);
    if (self) PyObject_Free(self);
    return NULL;
```

More precisely, the issue is that we are only calling `PyObject_Free(self)` and we are not decrefing the type. So we need to call `Py_XDECREF(self);` instead and free `ctx` separately if `self` has not already been allocated. Note that the HMAC context is still cleared so we should not leak anything sensitive.

There is also a missing `HMAC_CTX_free` call in `_hmac_digest`, if the copy of the HMAC context fails. Again, there shouldn't be a security issue as the temporary context should still not be initialized on failure (and the secret key is not stored within, hopefully).

CPython versions tested on:

CPython main branch

Operating systems tested on:

No response

Linked PRs
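
One way to observe the leak described in the report on a release build, as an added example that is not part of the original issue or of CPython: it counts how many references to a type survive repeated failing calls. The helper names `type_ref_growth` and `hmac_bad_msg` are hypothetical, and it assumes `_hashlib.HMAC` is the heap type that `hmac_new` allocates.

```python
# Added example (not CPython code): count references to a type that survive
# repeated calls. Helper names are hypothetical.
import gc
import sys


def type_ref_growth(func, tp, calls=1000, warmup=50):
    """Return the number of extra references to `tp` left after `calls` runs of `func`.

    An instance of a heap type holds one strong reference to its type, so an
    error path that frees the instance's memory without releasing that
    reference shows up here as a growth of about `calls`.
    """
    for _ in range(warmup):      # let caches settle before measuring
        func()
    gc.collect()
    before = sys.getrefcount(tp)
    for _ in range(calls):
        func()
    gc.collect()
    return sys.getrefcount(tp) - before


def hmac_bad_msg():
    """The reproducer from the report: msg=1 is not bytes-like, so hmac_new fails."""
    import _hashlib
    try:
        _hashlib.hmac_new(b"key", 1, "sha256")
    except TypeError:
        pass


if __name__ == "__main__":
    import _hashlib
    growth = type_ref_growth(hmac_bad_msg, _hashlib.HMAC)
    # Assumption: 0 on a build with the fix, about 1000 on a build without it.
    print(f"references to _hashlib.HMAC gained over 1000 failing calls: {growth}")
```

A steady gain of one reference per failing call points at an error path that releases the object's memory but not its type reference, which is the pattern the report describes.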

@picnixz picnixz added extension-modules C modules in the Modules dir type-bug An unexpected behavior, bug, or error labels Feb 15, 2025
@picnixz picnixz self-assigned this Feb 15, 2025
@picnixz picnixz changed the title _hashlib.hmac_new is leaking if HMAC message object is of incorrect type _hashlib.hmac_new is missing a Py_DECREF(type) if HMAC message object is of incorrect type Feb 15, 2025
@picnixz picnixz changed the title _hashlib.hmac_new is missing a Py_DECREF(type) if HMAC message object is of incorrect type Reference leaks in _hashlib.hmac_new and _hashlib.hmac_digest Feb 15, 2025
gpshead pushed a commit that referenced this issue Feb 24, 2025
…0152)

* fix leak in `_hashlib.hmac_new`
* fix leak in `hmac_digest`
* fix exception type in `_hashlib.HMAC.copy`
miss-islington pushed a commit to miss-islington/cpython that referenced this issue Feb 24, 2025
…ythonGH-130152)

* fix leak in `_hashlib.hmac_new`
* fix leak in `hmac_digest`
* fix exception type in `_hashlib.HMAC.copy`
(cherry picked from commit 0718201)

Co-authored-by: Bénédikt Tran <[email protected]>
gpshead pushed a commit that referenced this issue Feb 24, 2025
…GH-130152) (#130491)

gh-130151: Fix reference leaks in `_hashlib.hmac_{new,digest}` (GH-130152)

* fix leak in `_hashlib.hmac_new`
* fix leak in `hmac_digest`
* fix exception type in `_hashlib.HMAC.copy`
(cherry picked from commit 0718201)

Co-authored-by: Bénédikt Tran <[email protected]>
picnixz added a commit that referenced this issue Feb 25, 2025
…GH-130152) (#130539)

gh-130151: Fix reference leaks in `_hashlib.hmac_{new,digest}` (GH-130152)

* fix leak in `_hashlib.hmac_new`
* fix leak in `hmac_digest`
* fix exception type in `_hashlib.HMAC.copy`
(cherry picked from commit 0718201)
@picnixz picnixz closed this as completed Feb 25, 2025
seehwan pushed a commit to seehwan/cpython that referenced this issue Apr 16, 2025
…ythonGH-130152)

* fix leak in `_hashlib.hmac_new`
* fix leak in `hmac_digest`
* fix exception type in `_hashlib.HMAC.copy`