I am getting a memory leak on the memory dump using gdb in C++. I am not able to figure out the reason for the memory leak; I have shared the code which I am using. And when is the memory of the string freed when the string is initialized using the string constructor?

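Code:

```cpp
#include <bits/stdc++.h>
#include <unistd.h>   // sleep()
using namespace std;

// Shifts every character of the password up by one.
string getpass(string mypass)
{
    string my = "";
    for (size_t i = 0; i < mypass.length(); i++)
    {
        my += mypass[i] + 1;
    }

    return my;
}

string all()
{
    string mypass = "shivam";
    string rdpCommand;
    // Every operand on the right-hand side is a temporary string of its own.
    rdpCommand = string("/opt/xfreerdp ") + string(" /ppppp:'") + getpass(mypass) + string("' ");
    rdpCommand.clear();          // resets the length to 0, does not wipe the buffer
    rdpCommand.shrink_to_fit();  // non-binding request to reduce capacity

    string command = "";
    return command;
}

int main()
{
    string t = all();
    sleep(100);    // using sleep so the execution doesn't terminate and I can take memory dump
}
```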

The script I am using to take the memory dump:

```bash
#!/bin/bash
# Dumps every writable private mapping (rw-p) of process $1 into its own file.

grep rw-p "/proc/$1/maps" \
| sed -n 's/^\([0-9a-f]*\)-\([0-9a-f]*\) .*$/\1 \2/p' \
| while read -r start stop; do
    gdb --batch --pid "$1" -ex \
        "dump memory $1-$start-$stop.dump 0x$start 0x$stop"
done
```

Run the above script with `sudo ./script.sh [pid_of_process]`.

[Screenshot showing memory dump]

Edit: I have tried the OpenSSL way of securing the string but it didn't work, and I tried writing an allocator and deallocator but it is giving an error on Linux. Both answers are in this link: "how does one securely clear std::string?"

shiva
  • Why do you think you get a memory *leak*? A *leak* is usually when your program allocates a resource but doesn't free it after use. – Some programmer dude Jun 22 '21 at 07:22
  • The string destructor won't erase the strings from memory, it just marks that memory as available for re-use. – Alan Birtles Jun 22 '21 at 07:25
  • @AlanBirtles And how does it make the memory available for re-use? – shiva Jun 22 '21 at 07:52
  • @Someprogrammerdude I think there is a memory leak because I can see the rdpCommand string in the memory dump. – shiva Jun 22 '21 at 07:54
  • But that's not a leak. Freeing memory doesn't automatically "scrub" its contents, or make the actual memory pages unavailable. The memory allocation system just marks those pages available to be used for future allocations, or to be released back to the OS if needed. – Some programmer dude Jun 22 '21 at 07:55
  • @Someprogrammerdude OK, so let me rephrase my question: how should I remove string contents from memory after clearing the string, because that can lead to many data leaks? – shiva Jun 22 '21 at 08:00
  • @shiva, if you're talking about security reasons, then in each C++ class with sensitive data define a destructor that will additionally nullify the data it used. In your case, before assigning `""` to the string, iterate over every character in the buffer and set it to `'\0'`. – Alexey S. Larionov Jun 22 '21 at 08:03
  • @AlexeyLarionov Yes, my query is mainly regarding security issues. – shiva Jun 22 '21 at 08:32
  • @AlexeyLarionov As per your suggestion I have added `rdpCommand.assign( rdpCommand.length(), '\0' );` just after the `rdpCommand = string("/opt/xfreerdp ") + string(" /ppppp:'")+getpass(mypass)+ string("' ");` statement but that didn't help. – shiva Jun 22 '21 at 08:33
  • Yep, the temporary strings you create all need zeroing too, plus as the string grows it will allocate new buffers and you'd need to zero the old ones. See the linked duplicate for how to do this properly. – Alan Birtles Jun 22 '21 at 10:46

0 Answers
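The comments note that freeing memory does not scrub it and that temporaries and outgrown buffers need zeroing too. The following is an added example, not code from the question or its commenters: a `std::basic_string` allocator that wipes every buffer on deallocation, plus an in-place scrub for short strings. `ZeroingAlloc`, `secure_string`, `scrub` and the fixed arena are hypothetical names; the arena stands in for the heap so that freed bytes can be inspected.

```cpp
#include <algorithm>
#include <cstddef>
#include <cstring>
#include <new>
#include <string>

// Constructed stand-in for the heap (real code: ::operator new / ::operator delete).
alignas(16) unsigned char g_arena[4096];
static std::size_t g_used = 0;
// volatile stores are not removed as dead writes by the optimizer
static void wipe(volatile unsigned char* p, std::size_t n) { while (n--) *p++ = 0; }

template <class T>
struct ZeroingAlloc {  // hypothetical name, minimal C++11 allocator
    using value_type = T;
    ZeroingAlloc() = default;
    template <class U> ZeroingAlloc(const ZeroingAlloc<U>&) {}
    T* allocate(std::size_t n) {
        std::size_t bytes = (n * sizeof(T) + 15) & ~std::size_t(15);
        if (g_used + bytes > sizeof g_arena) throw std::bad_alloc();
        g_used += bytes;
        return reinterpret_cast<T*>(g_arena + g_used - bytes);
    }
    // Runs for every buffer the string gives up: growth, temporaries, destructor.
    void deallocate(T* p, std::size_t n) {
        wipe(reinterpret_cast<volatile unsigned char*>(p), n * sizeof(T));
    }
    friend bool operator==(const ZeroingAlloc&, const ZeroingAlloc&) { return true; }
    friend bool operator!=(const ZeroingAlloc&, const ZeroingAlloc&) { return false; }
};
using secure_string = std::basic_string<char, std::char_traits<char>, ZeroingAlloc<char>>;

// Short strings can live inside the object (SSO) and never reach the allocator: wipe in place.
void scrub(secure_string& s) {
    if (!s.empty()) wipe(reinterpret_cast<volatile unsigned char*>(&s[0]), s.size());
    s.clear();
}
bool arena_contains(const char* needle) {  // what a dump of the arena would show
    const unsigned char *begin = g_arena, *end = begin + sizeof g_arena;
    return std::search(begin, end, needle, needle + std::strlen(needle)) != end;
}
// Builds the command as in the question; true if the arena held it while alive.
bool build_and_scrub() {
    secure_string pass = "tijwbn";  // constructed sample value
    secure_string cmd = secure_string("/opt/xfreerdp ") + " /ppppp:'" + pass + "' ";
    bool seen = arena_contains("/ppppp:'tijwbn'");
    scrub(pass); scrub(cmd);
    return seen;
}
int main() { return build_and_scrub() && !arena_contains("tijwbn") ? 0 : 1; }
```

A string literal in the source still sits in the binary's read-only data, and any copy made into a plain `std::string` or passed on a command line is outside what this allocator can wipe.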