Relates :
|
We observed memory leaks in the ucrypto library when running benchmarks. Millions on small allocations (1byte) allocated in Java_com_oracle_security_ucrypto_NativeCipher_nativeFinal(). Code analysis showed that the output buffer for the cypher operation was not freed under all circumstances. Leaks could occur if: - the output len of the output array was 0 or the output write position is at the end of the output array. In this case, calloc(0) was performed, which yields a valid small allocation, which then is never freed. - theoretically, if CypherFinal() sets the output length to 0. This was introduced with JDK-8130875.