Merge pull request #64 from mehcode/fix_memory_leaks

Fix memory leaks #63

Author: bgaifullin

.travis.yml

@@ -23,7 +23,7 @@ install:
 - travis_retry pip install -r requirements-test.txt
 - travis_retry pip install -e "."
 - pip list
-script: py.test tests
+script: py.test -v tests
 
 before_deploy:
     - travis_retry pip install Sphinx

README.rst

@@ -15,7 +15,7 @@ Python bindings for the XML Security Library.
 Usage
 ******
 
-Check the `examples <https://github.com/mehcode/python-xmlsec/tree/master/tests/examples>`_ to see various examples of signing and verifying using the library.
+Check the `examples <http://pythonhosted.org/xmlsec/examples>`_ to see various examples of signing and verifying using the library.
 
 ************
 Requirements
@@ -146,6 +146,9 @@ Running the test suite
 
     py.test tests
 
+3. Tests configuration
+Env variable **PYXMLSEC_TEST_ITERATIONS** specifies number of test iterations to detect memory leaks.
+
 Reporting a issue
 -----------------
 Please attach the output of following information:

doc/source/modules/constants.rst

@@ -74,16 +74,21 @@ Nodes
 - *NodeObject*                 - Object
 - *NodeManifest*               - Manifest
 - *NodeEncryptedData*          - EncryptedData
+- *NodeEncryptedKey*           - EncryptedKey
 - *NodeEncryptionMethod*       - EncryptionMethod
 - *NodeEncryptionProperties*   - EncryptionProperties
 - *NodeEncryptionProperty*     - EncryptionProperty
 - *NodeCipherData*             - CipherData
 - *NodeCipherValue*            - CipherValue
 - *NodeCipherReference*        - CipherReference
+- *NodeReference               - Reference
 - *NodeReferenceList*          - ReferenceList
 - *NodeDataReference*          - DataReference
 - *NodeKeyReference*           - KeyReference
 - *NodeKeyInfo*                - KeyInfo
+- *NodeKeyName                 - KeyName
+- *NodeKeyValue                - KeyValue
+- *NodeX509Data                - X509Data
 
 Transforms
 **********

src/constants.c

@@ -348,9 +348,14 @@ int PyXmlSec_ConstantsModule_Init(PyObject* package) {
     PYXMLSEC_ADD_NODE_CONSTANT(NodeDataReference, "DATA_REFERENCE");
     PYXMLSEC_ADD_NODE_CONSTANT(NodeKeyReference, "KEY_REFERENCE");
 
+    PYXMLSEC_ADD_NODE_CONSTANT(NodeReference, "REFERENCE");
     PYXMLSEC_ADD_NODE_CONSTANT(NodeReferenceList, "REFERENCE_LIST");
 
     PYXMLSEC_ADD_NODE_CONSTANT(NodeKeyInfo, "KEY_INFO");
+    PYXMLSEC_ADD_NODE_CONSTANT(NodeKeyName, "KEY_NAME");
+    PYXMLSEC_ADD_NODE_CONSTANT(NodeKeyValue, "KEY_VALUE");
+
+    PYXMLSEC_ADD_NODE_CONSTANT(NodeX509Data, "X509_DATA");
 
     PYXMLSEC_CLOSE_NAMESPACE(nodeCls);
 #undef PYXMLSEC_ADD_NODE_CONSTANT

src/ds.c

@@ -39,17 +39,20 @@ static int PyXmlSec_SignatureContext__init__(PyObject* self, PyObject* args, PyO
     PYXMLSEC_DEBUGF("%p: init sign context", self);
     PyXmlSec_SignatureContext* ctx = (PyXmlSec_SignatureContext*)self;
     if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|O&:__init__", kwlist, PyXmlSec_KeysManagerConvert, &manager)) {
-        return -1;
+        goto ON_FAIL;
     }
-    PYXMLSEC_DEBUGF("%p", manager);
     ctx->handle = xmlSecDSigCtxCreate(manager != NULL ? manager->handle : NULL);
     if (ctx->handle == NULL) {
         PyXmlSec_SetLastError("failed to create the digital signature context");
-        return -1;
+        goto ON_FAIL;
     }
-    Py_XINCREF(manager);
     ctx->manager = manager;
+    PYXMLSEC_DEBUGF("%p: init sign context - ok, manager - %p", self, manager);
     return 0;
+ON_FAIL:
+    PYXMLSEC_DEBUGF("%p: init sign context - failed", self);
+    Py_XDECREF(manager);
+    return -1;
 }
 
 static void PyXmlSec_SignatureContext__del__(PyObject* self) {
@@ -65,8 +68,13 @@ static void PyXmlSec_SignatureContext__del__(PyObject* self) {
 
 static const char PyXmlSec_SignatureContextKey__doc__[] = "Signature key.\n";
 static PyObject* PyXmlSec_SignatureContextKeyGet(PyObject* self, void* closure) {
+    PyXmlSec_SignatureContext* ctx = ((PyXmlSec_SignatureContext*)self);
+    if (ctx->handle->signKey == NULL) {
+        Py_RETURN_NONE;
+    }
+
     PyXmlSec_Key* key = PyXmlSec_NewKey();
-    key->handle = ((PyXmlSec_SignatureContext*)self)->handle->signKey;
+    key->handle = ctx->handle->signKey;
     key->is_own = 0;
     return (PyObject*)key;
 }

src/enc.c

@@ -24,7 +24,7 @@ typedef struct {
 
 static PyObject* PyXmlSec_EncryptionContext__new__(PyTypeObject *type, PyObject *args, PyObject *kwargs) {
     PyXmlSec_EncryptionContext* ctx = (PyXmlSec_EncryptionContext*)PyType_GenericNew(type, args, kwargs);
-    PYXMLSEC_DEBUGF("%p: new sign context", ctx);
+    PYXMLSEC_DEBUGF("%p: new enc context", ctx);
     if (ctx != NULL) {
         ctx->handle = NULL;
         ctx->manager = NULL;
@@ -37,24 +37,26 @@ static int PyXmlSec_EncryptionContext__init__(PyObject* self, PyObject* args, Py
 
     PyXmlSec_KeysManager* manager = NULL;
     PyXmlSec_EncryptionContext* ctx = (PyXmlSec_EncryptionContext*)self;
-    PYXMLSEC_DEBUGF("%p: init sign context", self);
+    PYXMLSEC_DEBUGF("%p: init enc context", self);
     if (!PyArg_ParseTupleAndKeywords(args, kwargs, "|O&:__init__", kwlist, PyXmlSec_KeysManagerConvert, &manager)) {
-        return -1;
+        goto ON_FAIL;
     }
-
-    PYXMLSEC_DEBUGF("%p", manager);
     ctx->handle = xmlSecEncCtxCreate(manager != NULL ? manager->handle : NULL);
     if (ctx->handle == NULL) {
-        PyXmlSec_SetLastError("failed to create the digital signature context");
-        return -1;
+        PyXmlSec_SetLastError("failed to create the encryption context");
+        goto ON_FAIL;
     }
-    Py_XINCREF(manager);
     ctx->manager = manager;
+    PYXMLSEC_DEBUGF("%p: init enc context - ok, manager - %p", self, manager);
     return 0;
+ON_FAIL:
+    PYXMLSEC_DEBUGF("%p: init enc context - failed", self);
+    Py_XDECREF(manager);
+    return -1;
 }
 
 static void PyXmlSec_EncryptionContext__del__(PyObject* self) {
-    PYXMLSEC_DEBUGF("%p: delete sign context", self);
+    PYXMLSEC_DEBUGF("%p: delete enc context", self);
     PyXmlSec_EncryptionContext* ctx = (PyXmlSec_EncryptionContext*)self;
     if (ctx->handle != NULL) {
         xmlSecEncCtxDestroy(ctx->handle);
@@ -66,8 +68,13 @@ static void PyXmlSec_EncryptionContext__del__(PyObject* self) {
 
 static const char PyXmlSec_EncryptionContextKey__doc__[] = "Encryption key.\n";
 static PyObject* PyXmlSec_EncryptionContextKeyGet(PyObject* self, void* closure) {
+    PyXmlSec_EncryptionContext* ctx = ((PyXmlSec_EncryptionContext*)self);
+    if (ctx->handle->encKey == NULL) {
+        Py_RETURN_NONE;
+    }
+
     PyXmlSec_Key* key = PyXmlSec_NewKey();
-    key->handle = ((PyXmlSec_EncryptionContext*)self)->handle->encKey;
+    key->handle = ctx->handle->encKey;
     key->is_own = 0;
     return (PyObject*)key;
 }
@@ -142,9 +149,10 @@ static void PyXmlSec_ClearReplacedNodes(xmlSecEncCtxPtr ctx, PyXmlSec_LxmlDocume
     xmlNodePtr n = ctx->replacedNodeList;
     xmlNodePtr nn;
     while (n != NULL) {
+        PYXMLSEC_DEBUGF("clear replaced node %p", n);
         nn = n->next;
         // if n has references, it will not be deleted
-        Py_XDECREF(PyXmlSec_elementFactory(doc, n));
+        Py_DECREF(PyXmlSec_elementFactory(doc, n));
         n = nn;
     }
     ctx->replacedNodeList = NULL;
@@ -290,7 +298,7 @@ static PyObject* PyXmlSec_EncryptionContextDecrypt(PyObject* self, PyObject* arg
     }
 
     xmlNodePtr xparent = node->_c_node->parent;
-    if (xparent != NULL && !_isElement(xparent)) {
+    if (xparent != NULL && !PyXmlSec_IsElement(xparent)) {
         xparent = NULL;
     }
 
@@ -323,7 +331,7 @@ static PyObject* PyXmlSec_EncryptionContextDecrypt(PyObject* self, PyObject* arg
     if (!ctx->resultReplaced) {
         Py_XDECREF(node_num);
         Py_XDECREF(parent);
-        PYXMLSEC_DEBUGF("%p: decrypt - ok", self);
+        PYXMLSEC_DEBUGF("%p: binary.decrypt - ok", self);
         return PyBytes_FromStringAndSize(
             (const char*)xmlSecBufferGetData(ctx->result), (Py_ssize_t)xmlSecBufferGetSize(ctx->result)
         );
@@ -341,7 +349,7 @@ static PyObject* PyXmlSec_EncryptionContextDecrypt(PyObject* self, PyObject* arg
             parent = tmp;
         }
         Py_DECREF(node_num);
-        PYXMLSEC_DEBUGF("%p: decrypt - ok", self);
+        PYXMLSEC_DEBUGF("%p: parent.decrypt - ok", self);
         return parent;
     }
 

src/exception.c

@@ -122,6 +122,7 @@ void PyXmlSec_SetLastError2(PyObject* type, const char* msg) {
         }
     }
     PyErr_SetObject(type, last);
+    Py_DECREF(last);
 }
 
 void PyXmlSec_SetLastError(const char* msg) {

src/keys.c

@@ -354,7 +354,11 @@ static PyObject* PyXmlSec_KeyNameGet(PyObject* self, void* closure) {
         PyErr_SetString(PyExc_ValueError, "key is not ready");
         return NULL;
     }
-    return PyString_FromString((const char*)xmlSecKeyGetName(handle));
+    const char* cname = (const char*)xmlSecKeyGetName(handle);
+    if (cname != NULL) {
+        return PyString_FromString(cname);
+    }
+    Py_RETURN_NONE;
 }
 
 static int PyXmlSec_KeyNameSet(PyObject* self, PyObject* value, void* closure) {
@@ -517,6 +521,7 @@ static void PyXmlSec_KeysManager__del__(PyObject* self) {
     PYXMLSEC_DEBUGF("%p: delete KeysManager", self);
     PyXmlSec_KeysManager* manager = (PyXmlSec_KeysManager*)self;
     if (manager->handle != NULL) {
+        PYXMLSEC_DEBUGF("%p: delete KeysManager handle - %p", self, manager->handle);
         xmlSecKeysMngrDestroy(manager->handle);
     }
     Py_TYPE(self)->tp_free(self);
@@ -528,7 +533,7 @@ static const char PyXmlSec_KeysManagerAddKey__doc__[] = \
 static PyObject* PyXmlSec_KeysManagerAddKey(PyObject* self, PyObject* args, PyObject* kwargs) {
     static char *kwlist[] = { "key", NULL};
 
-    PyXmlSec_Key* key;
+    PyXmlSec_Key* key = NULL;
 
     PYXMLSEC_DEBUGF("%p(%p): add key - start", self, ((PyXmlSec_KeysManager*)self)->handle);
     if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O!:add_key", kwlist, PyXmlSec_KeyType, &key)) {
@@ -574,15 +579,18 @@ static const char PyXmlSec_KeysManagerLoadCert__doc__[] = \
 static PyObject* PyXmlSec_KeysManagerLoadCert(PyObject* self, PyObject* args, PyObject* kwargs) {
     static char *kwlist[] = { "filename", "format", "type", NULL};
 
-    const char* filename = NULL;
+    PyObject* filepath = NULL;
     unsigned int format = 0;
     unsigned int type = 0;
 
     PYXMLSEC_DEBUGF("%p: load cert - start", self);
-    if (!PyArg_ParseTupleAndKeywords(args, kwargs, "sII:load_cert", kwlist, &filename, &format, &type)) {
+    if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O&II:load_cert", kwlist,
+        PyString_FSConverter, &filepath, &format, &type)) {
         goto ON_FAIL;
     }
 
+    const char* filename = PyBytes_AsString(filepath);
+
     int rv;
     Py_BEGIN_ALLOW_THREADS;
     rv = xmlSecCryptoAppKeysMngrCertLoad(((PyXmlSec_KeysManager*)self)->handle, filename, format, type);
@@ -591,10 +599,12 @@ static PyObject* PyXmlSec_KeysManagerLoadCert(PyObject* self, PyObject* args, Py
         PyXmlSec_SetLastError("cannot load cert");
         goto ON_FAIL;
     }
+    Py_DECREF(filepath);
     PYXMLSEC_DEBUGF("%p: load cert - ok", self);
     Py_RETURN_NONE;
 ON_FAIL:
     PYXMLSEC_DEBUGF("%p: load cert - fail", self);
+    Py_XDECREF(filepath);
     return NULL;
 }
 

src/lxml.c

@@ -10,6 +10,7 @@
 #include "common.h"
 #include "lxml.h"
 
+#include <etree_defs.h>
 #include <lxml.etree_api.h>
 
 #include <libxml/xmlmemory.h>
@@ -21,6 +22,10 @@ int PyXmlSec_InitLxmlModule(void) {
     return import_lxml__etree();
 }
 
+int PyXmlSec_IsElement(xmlNodePtr xnode) {
+    return _isElement(xnode);
+}
+
 PyXmlSec_LxmlElementPtr PyXmlSec_elementFactory(PyXmlSec_LxmlDocumentPtr doc, xmlNodePtr xnode) {
     return elementFactory(doc, xnode);
 }

src/lxml.h

@@ -16,12 +16,13 @@
 #include <libxml/valid.h>
 
 #include <lxml-version.h>
-#include <etree_defs.h>
 #include <lxml.etree.h>
 
 typedef struct LxmlElement* PyXmlSec_LxmlElementPtr;
 typedef struct LxmlDocument* PyXmlSec_LxmlDocumentPtr;
 
+// checks that xnode is Element
+int PyXmlSec_IsElement(xmlNodePtr xnode);
 // creates a new element
 PyXmlSec_LxmlElementPtr PyXmlSec_elementFactory(PyXmlSec_LxmlDocumentPtr doc, xmlNodePtr node);
 

src/template.c

@@ -23,28 +23,28 @@ static char PyXmlSec_TemplateCreate__doc__[] = \
     ":param node: the signature node\n"
     ":param c14n_method: the signature canonicalization method\n"
     ":param sign_method: the signature method\n"
-    ":param name: the node id (optional)\n"
+    ":param id: the node id (optional)\n"
     ":param ns: the namespace prefix for the signature element (e.g. \"dsig\") (optional)\n"
     ":return: the pointer to newly created <dsig:Signature/> node\n";
 static PyObject* PyXmlSec_TemplateCreate(PyObject* self, PyObject *args, PyObject *kwargs) {
-    static char *kwlist[] = { "node", "c14n_method", "sign_method", "name", "ns", NULL};
+    static char *kwlist[] = { "node", "c14n_method", "sign_method", "id", "ns", "name", NULL};
 
     PyXmlSec_LxmlElementPtr node = NULL;
     PyXmlSec_Transform* c14n = NULL;
     PyXmlSec_Transform* sign = NULL;
-    const char* name = NULL;
+    const char* id = NULL;
     const char* ns = NULL;
 
     PYXMLSEC_DEBUG("template create - start");
-    if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O&O!O!|zz:create", kwlist,
-        PyXmlSec_LxmlElementConverter, &node, PyXmlSec_TransformType, &c14n, PyXmlSec_TransformType, &sign, &name, &ns))
+    if (!PyArg_ParseTupleAndKeywords(args, kwargs, "O&O!O!|zzz:create", kwlist,
+        PyXmlSec_LxmlElementConverter, &node, PyXmlSec_TransformType, &c14n, PyXmlSec_TransformType, &sign, &id, &ns, &id))
     {
         goto ON_FAIL;
     }
 
     xmlNodePtr res;
     Py_BEGIN_ALLOW_THREADS;
-    res = xmlSecTmplSignatureCreateNsPref(node->_doc->_c_doc, c14n->id, sign->id, XSTR(name), XSTR(ns));
+    res = xmlSecTmplSignatureCreateNsPref(node->_doc->_c_doc, c14n->id, sign->id, XSTR(id), XSTR(ns));
     Py_END_ALLOW_THREADS;
     if (res == NULL) {
         PyXmlSec_SetLastError("cannot create template.");
@@ -496,7 +496,7 @@ static PyObject* PyXmlSec_TemplateAddX509DataAddCRL(PyObject* self, PyObject *ar
 static char PyXmlSec_TemplateAddEncryptedKey__doc__[] = \
     "Adds <enc:EncryptedKey/> node with given attributes to the <dsig:KeyInfo/> node of *node*.\n\n"
     ":param node: the pointer to <dsig:KeyInfo/> node\n"
-    ":param method: the encryption method (optional)\n"
+    ":param method: the encryption method\n"
     ":param id: the Id attribute (optional)\n"
     ":param type: the Type attribute (optional)\n"
     ":param recipient: the Recipient attribute (optional)\n"
@@ -536,7 +536,7 @@ static PyObject* PyXmlSec_TemplateAddEncryptedKey(PyObject* self, PyObject *args
 static char PyXmlSec_TemplateCreateEncryptedData__doc__[] = \
     "Creates new <{ns}:EncryptedData /> node for encryption template.\n\n"
     ":param node: the pointer to signature node\n"
-    ":param method: the encryption method (optional)\n"
+    ":param method: the encryption method\n"
     ":param id: the Id attribute (optional)\n"
     ":param type: the Type attribute (optional)\n"
     ":param mime_type: the Recipient attribute (optional)\n"

src/tree.c

@@ -232,7 +232,6 @@ int PyXmlSec_TreeModule_Init(PyObject* package) {
 
     if (!tree) goto ON_FAIL;
 
-    PYXMLSEC_DEBUGF("%", tree);
     if (PyModule_AddObject(package, "tree", tree) < 0) goto ON_FAIL;
 
     return 0;