diff options
| author | Martin Willi <martin@revosec.ch> | 2015-04-13 17:12:49 +0200 |
|---|---|---|
| committer | Martin Willi <martin@revosec.ch> | 2015-04-15 14:38:42 +0200 |
| commit | 13a5a906e941b147d9b214a91d03d9ee356d723e (patch) | |
| tree | 27da8ae1c4feff47ba0d3b4bc198d6d08be24092 | |
| parent | d72817491d4d9bbbe95f95092b9b235dd42a3fd8 (diff) | |
| download | strongswan-13a5a906e941b147d9b214a91d03d9ee356d723e.tar.bz2 strongswan-13a5a906e941b147d9b214a91d03d9ee356d723e.tar.xz | |
gcrypt: Explicitly initialize RNG backend to allocate static data
The libgcrypt RNG implementation uses static buffer allocation which it does
not free. There is no symbol we can catch in leak-detective, hence we explicitly
initialize the RNG during the whitelisted gcrypt_plugin_create() function.
| -rw-r--r-- | src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c index 480c083c0..04f1f43ef 100644 --- a/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c +++ b/src/libstrongswan/plugins/gcrypt/gcrypt_plugin.c @@ -158,6 +158,9 @@ plugin_t *gcrypt_plugin_create() } gcry_control(GCRYCTL_INITIALIZATION_FINISHED, 0); + /* initialize static allocations we want to exclude from leak-detective */ + gcry_create_nonce(NULL, 0); + INIT(this, .public = { .plugin = { |