Subject: Re: [libssh2] #182: Various memory leaks

Re: [libssh2] #182: Various memory leaks

From: libssh2 Trac <>
Date: Wed, 30 Jun 2010 10:51:58 -0000

#182: Various memory leaks
  Reporter: john@… | Owner: bagder
      Type: defect | Status: assigned
  Priority: normal | Milestone: 1.2.6
 Component: API | Version: 1.2.6
Resolution: | Keywords:
    Blocks: | Blocked By:

Comment (by john@…):

 When an interrupt is received by a program any system call will fail with
 errno set to EINTR. This is not necessarily an error, or an indication
 that the socket has failed. It just shows that the system call has been
 I have software that has a 1 second alarm timer active. This causes
 reads/writes to fail with EINTR and I just call the read/write again.
 However I have another piece of software that uses an alarm timer to
 interrupt open/close/read/write on a device which may get stuck. In this
 cause the EINTR is an error.
 I haven't done an exhaustive check of the errno's returned from recv/send,
 and it's possible that there may be some other values that don't indicate
 the socket has failed. I provided the new function
 '''_libssh2_socket_failed_error''' as a common point to collect these
 values, it can also be used to collect values for different operating
 systems, eg windows which I know returns it's own error codes. It may be
 sensible to allow a user defined function for doing this check, I didn't
 go that far as it would require extending the API and session structure.

 I am only using session and channel objects, so I can't comment on scp
 If you look at the top of the '''_libssh2_channel_free''' in
 '''channel.c''' you will see that the software has to call
 _libssh2_channel_close successfully, ie rc is >= 0, to continue down
 through the function and release the memory. If the socket is dead then rc
 is alway < 0 and the rest of the function is never called. By detecting,
 and setting '''session->socket_state''' = LIBSSH2_SOCKET_DISCONNECTED,
 whenever the socket is used, the '''_libssh2_channel_free''' is NOT called
 and the rest of the function is called.
 This is what happens if you close the socket before calling
 '''libssh2_channel_free''' as in my modified '''ssh2.c''' in the patch

 The '''libssh2_publickey_list_free''' modification I mentioned has
 '''nothing''' to do with the memory leak issue, when I collected the
 latest software using git I got compiler errors. This function now tries
 to return LIBSSH2_ERROR_BAD_USE when pkey is NULL. The function is a
 '''void''' function. You need to decide if to return a value (and change
 the prototype) or just return (and change the code). Without this mod I
 could not compile the software.

Ticket URL: <>
libssh2 <>
C library for writing portable SSH2 clients
Received on 2010-06-30