[Openswan dev] LEAK_DETECTIVE hits passert()
Paul Wouters
paul at xelerance.com
Wed Dec 1 13:27:48 EST 2010
On Wed, 1 Dec 2010, D. Hugh Redelmeier wrote:
> quick_inI1_outR1_cryptocontinue1 calls start_dh_secret.
>
> After start_dh_secret returns this code will then execute:
>
> if(e != STF_SUSPEND) {
>     if(dh->md != NULL) {
>         complete_v1_state_transition(&qke->md, e);
>         if(dh->md) release_md(qke->md);
>     }
> }
>
> In the STF_INLINE, this is probably wrong:
> quick_inI1_outR1_cryptocontinue1 has already called complete_v1_state_transition
> and it has freed *dh.
> It called quick_inI1_outR1_cryptocontinue2 which did the release_md too.
>
> So this code would be more correct if the first line were
> if(e != STF_SUSPEND && e != STF_INLINE) {
>
> I'm not asserting that it would actually be correct or even that this is
> part of the correct fix.
I can confirm, however, that my test system no longer crashes when this fix is applied.
Paul
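
Added example, not part of the original messages and not Openswan code: a toy model of the ownership problem discussed above, where a continuation that ran inline has already completed and released its state before the caller's guard is evaluated. All names (status_t, struct cont, finish, start_work, run_caller) are hypothetical, and release is modelled with a flag so the stale access is counted rather than executed.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy model with hypothetical names; not Openswan code. */
typedef enum { ST_FAIL, ST_SUSPEND, ST_INLINE } status_t;

struct cont {             /* stands in for the continuation (*dh) */
    bool released;        /* set once the continuation has been freed */
    int  stale_uses;      /* accesses attempted after release */
};

struct result { int stale_uses; bool released; };

/* Complete the state transition and release the continuation.
 * A second call models the use-after-free / double release. */
static void finish(struct cont *c) {
    if (c->released) { c->stale_uses++; return; }
    c->released = true;
}

/* Start the work. ST_INLINE: no helper, continuation already ran and freed c.
 * ST_SUSPEND: a helper owns c and will finish later. ST_FAIL: nothing ran. */
static status_t start_work(struct cont *c, status_t outcome) {
    if (outcome == ST_INLINE) finish(c);
    return outcome;
}

/* Caller using the original guard (fixed == false) or the proposed one. */
static struct result run_caller(status_t outcome, bool fixed) {
    struct cont c = { false, 0 };
    status_t e = start_work(&c, outcome);
    bool skip = (e == ST_SUSPEND) || (fixed && e == ST_INLINE);
    if (!skip) finish(&c);            /* caller-side completion + release */
    struct result r = { c.stale_uses, c.released };
    return r;
}

int main(void) {
    printf("inline, original guard: %d stale use(s)\n",
           run_caller(ST_INLINE, false).stale_uses);
    printf("inline, proposed guard: %d stale use(s)\n",
           run_caller(ST_INLINE, true).stale_uses);
    printf("failure, proposed guard: released=%d\n",
           run_caller(ST_FAIL, true).released);
    return 0;
}
```

The ST_FAIL case stands in for any status other than suspend or inline, where the caller is still the one that must complete and release.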