Issue 21324: dbhash/bsddb leaks random memory fragments to a database (original) (raw)

Created on 2014-04-21 19:54 by wodny, last changed 2022-04-11 14:58 by admin. This issue is now closed.

Messages (7)
msg216966 - (view) Author: Marcin Szewczyk (wodny) Date: 2014-04-21 19:54
As stated in the subject. Example is in a remote Git repository: https://bitbucket.org/wodny/python-dbm-experiments/ It shows how some random data gets into the database (into some gaps between keys and values). There is also a C example which hasn't been caught on leaking.
msg217046 - (view) Author: Jesús Cea Avión (jcea) * (Python committer) Date: 2014-04-23 01:24
Marcin, what Berkeley DB version are you using?. Platform?. 32 or 64 bits? Could you be able to compile & test a custom python patch?
msg217047 - (view) Author: Jesús Cea Avión (jcea) * (Python committer) Date: 2014-04-23 01:28
dbhash uses bsddb behind the curtain. Could you possibly try current bsddb external module at http://www.jcea.es/programacion/pybsddb.htm ?? Thanks.
msg217049 - (view) Author: Jesús Cea Avión (jcea) * (Python committer) Date: 2014-04-23 02:34
Experimenting with this, looks like the content leak is inside Berkeley DB code. The leak is always on offset X*4096 bytes away when the database pagesize is 4096 bytes. Looks like this is an important hint, since Python itself knows nothing about database pagesize. For instance: >>> a=open("secrets.db").read() >>> a.find("secret") 21184 >>> a.find("secret",21185) 25280 >>> 25280-21184 4096 >>> a.find("secret",25281) 37568 >>> 37568-25280 12288 >>> 12288/4096.0 3.0
msg217050 - (view) Author: Jesús Cea Avión (jcea) * (Python committer) Date: 2014-04-23 02:37
The C version reuses buffers, so the content leak is less probable. Could you possibly change the buffer for a malloc/free pair and try again?.
msg217101 - (view) Author: Jesús Cea Avión (jcea) * (Python committer) Date: 2014-04-23 23:32
I could be wrong, but I think this is an Oracle Berkeley DB bug. I contacted Oracle yesterday about this. Stand by.
msg275221 - (view) Author: Christian Heimes (christian.heimes) * (Python committer) Date: 2016-09-08 23:56
No activity in two years. I'm closing this ticket. Please reopen it if we still need to address the issue in 2.7. 3.4+ doesn't have bsddb.
History
Date User Action Args
2022-04-11 14:58:02 admin set github: 65523
2016-09-08 23:56:49 christian.heimes set status: open -> closednosy: + christian.heimesmessages: + resolution: out of date
2014-04-23 23:33:33 jcea set title: dbhash leaks random memory fragments to a database -> dbhash/bsddb leaks random memory fragments to a database
2014-04-23 23:32:59 jcea set messages: +
2014-04-23 02:37:01 jcea set messages: +
2014-04-23 02:34:08 jcea set messages: +
2014-04-23 01:28:46 jcea set messages: +
2014-04-23 01:24:40 jcea set messages: +
2014-04-23 01:12:22 jcea set nosy: + jcea
2014-04-21 20:03:28 jwilk set nosy: + jwilk
2014-04-21 19:54:44 wodny create