Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

libssh2_userauth_keyboard_interactive_ex callback and memory allocation #1078

Open
bagder opened this issue Jun 1, 2023 · 2 comments
Open

libssh2_userauth_keyboard_interactive_ex callback and memory allocation #1078

bagder opened this issue Jun 1, 2023 · 2 comments
Labels
bug documentation

Comments

@bagder
Copy link
Member

bagder commented Jun 1, 2023
edited

Describe the bug

The function libssh2_userauth_keyboard_interactive_ex calls a function in the app to return a set of passwords.

These passwords are documented as: String values will be free(3)ed by the library.

This is a problem on (for example) Windows when libssh2 is used as a DLL, as then they use memory models that cannot be shared between an application and the DLL.

This happens on git master and this issue has probably always existed. It can be circumvented by providing custom memory functions using libssh2_session_init_ex.
@bagder bagder added the bug label Jun 1, 2023
bagder added a commit to curl/curl that referenced this issue Jun 1, 2023
@bagder
libssh2: use custom memory functions
929aa80 
Because of how libssh2_userauth_keyboard_interactive_ex() works: the
libcurl callback allocates memory that is later free()d by libssh2, we
must set the custom memory functions.

Reverts 8b5f100

Ref: libssh2/libssh2#1078
@bagder bagder mentioned this issue Jun 1, 2023
Closed
@vszakats
Copy link
Member

vszakats commented Jun 1, 2023

It's surely confusing and non-obvious, but unless we want to change the API to never free() or return allocated pointers (to be freed by callers), we might make this gotcha clearer in the docs.

@bagder
Copy link
Member Author

bagder commented Jun 1, 2023

Yeah, I don't think we can fix this without adding a replacement function, and until someone wants to work on that I think clarifying this caveat in the documentation is the next best thing. At least there is a functioning workaround!

bagder added a commit to curl/curl that referenced this issue Jun 1, 2023
@bagder
libssh2: use custom memory functions
10d8404 
Because of how libssh2_userauth_keyboard_interactive_ex() works: the
libcurl callback allocates memory that is later free()d by libssh2, we
must set the custom memory functions.

Reverts 8b5f100

Ref: libssh2/libssh2#1078
Closes #11235
bch pushed a commit to bch/curl that referenced this issue Jul 19, 2023
@bagder @bch
libssh2: use custom memory functions
ffbd59e 
Because of how libssh2_userauth_keyboard_interactive_ex() works: the
libcurl callback allocates memory that is later free()d by libssh2, we
must set the custom memory functions.

Reverts 8b5f100

Ref: libssh2/libssh2#1078
Closes curl#11235
ptitSeb pushed a commit to wasix-org/curl that referenced this issue Sep 25, 2023
@bagder @ptitSeb
libssh2: use custom memory functions
5bf1906 
Because of how libssh2_userauth_keyboard_interactive_ex() works: the
libcurl callback allocates memory that is later free()d by libssh2, we
must set the custom memory functions.

Reverts 8b5f100

Ref: libssh2/libssh2#1078
Closes curl#11235
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug documentation
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@bagder @vszakats