diff --git a/ci_scripts/suppressions/lsan.supp b/ci_scripts/suppressions/lsan.supp index 00ab2f110a22c..087f3164fc72c 100644 --- a/ci_scripts/suppressions/lsan.supp +++ b/ci_scripts/suppressions/lsan.supp @@ -1,14 +1,52 @@ +# external submodule +leak:kmip.c + +# the parser of command line arguments of the backend leak:save_ps_display_args + +# a bunch of not freed addrinfo sctructs, escaped values etc. leak:initdb.c -leak:fe_memutils.c -leak:fe-exec.c -leak:fe-connect.c -leak:pqexpbuffer.c -leak:strdup -leak:preproc.y -leak:pgtypeslib/common.c -leak:ecpglib/memory.c -leak:kmip.c + +# shlibs loaded with dlsym() never gets dlclose'd +# TODO: needs an investigation as it is down the call stack +# of exec_simple_query->PortalRun +leak:internal_load_library + +# pg_config utility does not free configdata +leak:pg_config/pg_config.c + +# A psprintf() result assigned to the global var pgdata_opt +leak:bin/pg_ctl/pg_ctl.c + +# TODO: A couple of not freed char *. Whilst wit's trivially to fix +# meson complains with "maybe-uninitialized" on free() +leak:bin/psql/describe.c + +# options parsing during the regressions start +leak:regression_main + +# Static funcs in /bin/psql/startup.c are used +# during the start to parse options +leak:simple_action_list_append +leak:parse_psql_options + +# A bunch of parameters, options and identifiers are not being freed. +# +# TODO?: ReceiveArchiveStreamChunk->CreateBackupStreamer down in the +# callstak creates a streamer that is never freed. It's being called in a loop +# but it looks like it is not a repetitive action and rather happens once per +# receiving CopyData message from server. +# +# bin/pg_basebackup/pg_basebackup.c +leak:BaseBackup + +# `varname` doesn't get freed in the case of warning and `continue` in the loop +# +# bin/psql/common.c +leak:StoreQueryTuple + +# does not free a bunch of parsed flags +leak:bin/pg_waldump/pg_waldump.c #pg_dump leak:getSchemaData diff --git a/contrib/pg_tde/src/access/pg_tde_tdemap.c b/contrib/pg_tde/src/access/pg_tde_tdemap.c index 29ee3267ab6ab..b79188de6172f 100644 --- a/contrib/pg_tde/src/access/pg_tde_tdemap.c +++ b/contrib/pg_tde/src/access/pg_tde_tdemap.c @@ -1077,6 +1077,10 @@ pg_tde_fetch_wal_keys(XLogRecPtr start_lsn) wal_rec = pg_tde_add_wal_key_to_cache(&stub_key, InvalidXLogRecPtr); +#ifdef FRONTEND + /* The backen frees it after copying to the cache. */ + pfree(principal_key); +#endif LWLockRelease(lock_pk); CloseTransientFile(fd); return wal_rec; @@ -1107,6 +1111,9 @@ pg_tde_fetch_wal_keys(XLogRecPtr start_lsn) return_wal_rec = wal_rec; } } +#ifdef FRONTEND + pfree(principal_key); +#endif LWLockRelease(lock_pk); CloseTransientFile(fd); diff --git a/contrib/pg_tde/src/catalog/tde_keyring.c b/contrib/pg_tde/src/catalog/tde_keyring.c index 80f5337066f1f..0f7b53164c1e2 100644 --- a/contrib/pg_tde/src/catalog/tde_keyring.c +++ b/contrib/pg_tde/src/catalog/tde_keyring.c @@ -562,6 +562,51 @@ check_provider_record(KeyringProviderRecord *provider_record) #endif /* !FRONTEND */ +void +free_keyring(GenericKeyring *keyring) +{ + FileKeyring *file = (FileKeyring *) keyring; + VaultV2Keyring *vault = (VaultV2Keyring *) keyring; + KmipKeyring *kmip = (KmipKeyring *) keyring; + + switch (keyring->type) + { + case FILE_KEY_PROVIDER: + if (file->file_name) + pfree(file->file_name); + break; + case VAULT_V2_KEY_PROVIDER: + if (vault->vault_ca_path) + pfree(vault->vault_ca_path); + if (vault->vault_mount_path) + pfree(vault->vault_mount_path); + if (vault->vault_token) + pfree(vault->vault_token); + if (vault->vault_token_path) + pfree(vault->vault_token_path); + if (vault->vault_url) + pfree(vault->vault_url); + break; + case KMIP_KEY_PROVIDER: + if (kmip->kmip_ca_path) + pfree(kmip->kmip_ca_path); + if (kmip->kmip_cert_path) + pfree(kmip->kmip_cert_path); + if (kmip->kmip_host) + pfree(kmip->kmip_host); + if (kmip->kmip_key_path) + pfree(kmip->kmip_key_path); + if (kmip->kmip_port) + pfree(kmip->kmip_port); + break; + default: + Assert(false); + break; + } + + pfree(keyring); +} + void write_key_provider_info(KeyringProviderRecordInFile *record, bool write_xlog) { @@ -682,6 +727,8 @@ simple_list_free(SimplePtrList *list) pfree(cell); cell = next; } + + pfree(list); } #endif /* FRONTEND */ @@ -818,6 +865,8 @@ load_file_keyring_provider_options(char *keyring_options) ereport(WARNING, errcode(ERRCODE_INVALID_PARAMETER_VALUE), errmsg("file path is missing in the keyring options")); + + free_keyring((GenericKeyring *) file_keyring); return NULL; } @@ -845,6 +894,8 @@ load_vaultV2_keyring_provider_options(char *keyring_options) (vaultV2_keyring->vault_token_path != NULL && vaultV2_keyring->vault_token_path[0] != '\0') ? "" : " tokenPath", (vaultV2_keyring->vault_url != NULL && vaultV2_keyring->vault_url[0] != '\0') ? "" : " url", (vaultV2_keyring->vault_mount_path != NULL && vaultV2_keyring->vault_mount_path[0] != '\0') ? "" : " mountPath")); + + free_keyring((GenericKeyring *) vaultV2_keyring); return NULL; } @@ -878,6 +929,8 @@ load_kmip_keyring_provider_options(char *keyring_options) (kmip_keyring->kmip_ca_path != NULL && kmip_keyring->kmip_ca_path[0] != '\0') ? "" : " caPath", (kmip_keyring->kmip_cert_path != NULL && kmip_keyring->kmip_cert_path[0] != '\0') ? "" : " certPath", (kmip_keyring->kmip_key_path != NULL && kmip_keyring->kmip_key_path[0] != '\0') ? "" : " keyPath")); + + free_keyring((GenericKeyring *) kmip_keyring); return NULL; } @@ -946,7 +999,10 @@ debug_print_kerying(GenericKeyring *keyring) static inline void get_keyring_infofile_path(char *resPath, Oid dbOid) { - join_path_components(resPath, pg_tde_get_data_dir(), psprintf(PG_TDE_KEYRING_FILENAME, dbOid)); + char *fname = psprintf(PG_TDE_KEYRING_FILENAME, dbOid); + + join_path_components(resPath, pg_tde_get_data_dir(), fname); + pfree(fname); } static int diff --git a/contrib/pg_tde/src/catalog/tde_principal_key.c b/contrib/pg_tde/src/catalog/tde_principal_key.c index 2ad5b1f4c779f..9ba0011c47762 100644 --- a/contrib/pg_tde/src/catalog/tde_principal_key.c +++ b/contrib/pg_tde/src/catalog/tde_principal_key.c @@ -863,7 +863,7 @@ get_principal_key_from_keyring(Oid dbOid) Assert(dbOid == principalKey->keyInfo.databaseId); pfree(keyInfo); - pfree(keyring); + free_keyring(keyring); pfree(principalKeyInfo); return principalKey; diff --git a/contrib/pg_tde/src/include/access/pg_tde_tdemap.h b/contrib/pg_tde/src/include/access/pg_tde_tdemap.h index f7d99f735c890..f3177544cf551 100644 --- a/contrib/pg_tde/src/include/access/pg_tde_tdemap.h +++ b/contrib/pg_tde/src/include/access/pg_tde_tdemap.h @@ -81,7 +81,10 @@ extern void pg_tde_create_wal_key(InternalKey *rel_key_data, const RelFileLocato static inline void pg_tde_set_db_file_path(Oid dbOid, char *path) { - join_path_components(path, pg_tde_get_data_dir(), psprintf(PG_TDE_MAP_FILENAME, dbOid)); + char *fname = psprintf(PG_TDE_MAP_FILENAME, dbOid); + + join_path_components(path, pg_tde_get_data_dir(), fname); + pfree(fname); } extern void pg_tde_save_smgr_key(RelFileLocator rel, const InternalKey *key); diff --git a/contrib/pg_tde/src/include/catalog/tde_keyring.h b/contrib/pg_tde/src/include/catalog/tde_keyring.h index db4a83ca02194..9aa7c279bf748 100644 --- a/contrib/pg_tde/src/include/catalog/tde_keyring.h +++ b/contrib/pg_tde/src/include/catalog/tde_keyring.h @@ -40,5 +40,6 @@ extern void redo_key_provider_info(KeyringProviderRecordInFile *xlrec); extern void ParseKeyringJSONOptions(ProviderType provider_type, GenericKeyring *out_opts, char *in_buf, int buf_len); +extern void free_keyring(GenericKeyring *keyring); #endif /* TDE_KEYRING_H */ diff --git a/contrib/pg_tde/src/keyring/keyring_vault.c b/contrib/pg_tde/src/keyring/keyring_vault.c index e03aca818d2c2..56bb76b0e6e07 100644 --- a/contrib/pg_tde/src/keyring/keyring_vault.c +++ b/contrib/pg_tde/src/keyring/keyring_vault.c @@ -438,5 +438,6 @@ json_resp_object_field_start(void *state, char *fname, bool isnull) break; } + pfree(fname); return JSON_SUCCESS; } diff --git a/contrib/pg_tde/src/pg_tde_change_key_provider.c b/contrib/pg_tde/src/pg_tde_change_key_provider.c index c66eb874de1ed..e842200d5b6c1 100644 --- a/contrib/pg_tde/src/pg_tde_change_key_provider.c +++ b/contrib/pg_tde/src/pg_tde_change_key_provider.c @@ -249,6 +249,7 @@ main(int argc, char *argv[]) controlfile->state != DB_SHUTDOWNED_IN_RECOVERY) pg_fatal("cluster must be shut down"); + pfree(controlfile); cptr = strcat(cptr, datadir); cptr = strcat(cptr, "/"); cptr = strcat(cptr, PG_TDE_DATA_DIR);