Reputation: 167
openssl memory leak: me or bug?
Trying to parse info from certificates using openssl (1.0.2p) , can't make it leak-free. Code:
std::ifstream fst("2048b-rsa-example-cert.der", std::ios::binary);
std::vector<std::uint8_t> certificate((std::istreambuf_iterator<char>(fst)),
std::istreambuf_iterator<char>() );
const std::uint8_t* data = certificate.data();
X509 *info = d2i_X509(nullptr, &data, certificate.size());
X509_free(info);
Certificate examples:http://fm4dd.com/openssl/certexamples.htm
The biggest leak traceback:
==20846== at 0x4C2EEAF: malloc (vg_replace_malloc.c:299)
==20846== by 0x52380E7: CRYPTO_malloc (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x51BDF2F: lh_new (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x5239484: ex_data_check (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x5239544: def_get_class (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x5239FBA: int_new_ex_data (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x51DE8D3: x509_cb (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x51E28F8: asn1_item_ex_combine_new (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x51E55E8: asn1_item_ex_d2i (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x51E6224: ASN1_item_ex_d2i (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x51E627A: ASN1_item_d2i (in /usr/lib64/libcrypto.so.1.0.0)
==20846== by 0x109199: main (ssl.cpp:48)
platform: Linux
OpenSSL 1.0.2p 14 Aug 2018
built on: reproducible build, date unspecified
platform: linux-x86_64
options: bn(64,64) rc4(16x,int) des(idx,cisc,16,int) idea(int) blowfish(idx)
compiler: x86_64-pc-linux-gnu-gcc -I. -I.. -I../include -fPIC -DOPENSSL_PIC -DZLIB -DOPENSSL_THREADS -D_REENTRANT -DDSO_DLFCN -DHAVE_DLFCN_H -DL_ENDIAN -Wall -DOPENSSL_IA32_SSE2 -DOPENSSL_BN_ASM_MONT -DOPENSSL_BN_ASM_MONT5 -DOPENSSL_BN_ASM_GF2m -DRC4_ASM -DSHA1_ASM -DSHA256_ASM -DSHA512_ASM -DMD5_ASM -DAES_ASM -DVPAES_ASM -DBSAES_ASM -DWHIRLPOOL_ASM -DGHASH_ASM -DECP_NISTZ256_ASM -O2 -pipe -march=native -fno-strict-aliasing -Wa,--noexecstack
OPENSSLDIR: "/etc/ssl"
Upvotes: 5
Views: 3245
Answers (1)
Reputation: 17373
The OpenSSL Library Initialization wiki provides a list of functions that you might need to invoke to properly clean up the library. As far as I can tell, the bytes/blocks mentioned in your traceback are not leaked, but they are still in use at exit -- you did not provide all output though.
For this snippet, it looks like adding
CRYPTO_cleanup_all_ex_data();
at the end does the trick. Running it with valgrind with flags --leak-check=full --show-leak-kinds=all shows that the amount of "in use at exit" goes down from 416 bytes in 6 blocks to 0 bytes in 0 blocks.
Upvotes: 3
Related Questions
- c++ openssl 1.1.1 running RSA algorithm in thread causing memory leaks
- Can't find cause of Invalid free() / delete / delete[] / realloc()
- OpenSSL::SSL_library_init() memory leak
- Memory leak with multi threaded c++ application on ssl certificate validation
- How to properly uninitialize OpenSSL
- Memory leak in OpenSSL function EVP_PKEY_keygen
- Memory leak in OpenSSL?
- openssl: reducing memory usage
- Memory leak in OpenSSL function EVP_EncryptFinal_ex
- Finding memory violations/leaks