This SEGV in realfree() was caused by a bug in our custom OpenLDAP back end. The bad code caused a malloc'd pointer to be freed twice.
Sorry for the noise in openssl-users. Vic Abell > -----Original Message----- > From: [EMAIL PROTECTED] > [mailto:[EMAIL PROTECTED] Behalf Of Vic Abell > Sent: Monday, July 21, 2003 2:15 PM > To: [EMAIL PROTECTED] > Subject: malloc SEGV during ssl3_shutdown processing > > > Application: OpenLDAP 2.1.22 > System: Solaris 8 > Library: OpenSSL 0.9.7b > > During the shutdown of a TLS|SSL connection to an > OpenLDAP 2.1.22 a SEGV fault occurs in the standard > Sun malloc(3C) library's realfree() internal function. > > This looks like general memory corruption and I'm > looking in all directions for a cause of that. > > However, on the remote chance that this is a problem > specific to the use of OpenSSL 0.9.7b, I'm posting > this query. > > The entire function trace in ascending order is: > > OpenLDAP 2.1.22 > sb_tls_close > OpenSSL 0.9.7b: > ssl3_shutdown > ssl3_send_alert > tls1_mac > HMAC_Init_ex > EVP_DigestInit)ex > CRYPTO_malloc > Solaris 8 libc: > malloc > _malloc_unlocked > cleanfree > realfree > > If this sounds familiar to anyone, please let me know. > > Vic Abell > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List [EMAIL PROTECTED] > Automated List Manager [EMAIL PROTECTED] > ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
