Please provide a simple testcase program exhibiting the memory leak.
Please try with the most recent OpenSSL release. There are no known
issue with normal usage, however some recent patches have been added for
theoretical failure path memory leaks.
It is possible for memory leaks to still exist for normal usage where
you are never seeing a hard-error return from an OpenSSL API call this
code path is well trodden and it is unlikely for there to be any leaks
in OpenSSL itself and more usually the application or a misunderstanding
about the "ownership" of some SSL objects.
OpenSSL artifacts that are created by the application, then handed to
some other part of the API for use, so who is now responsible for the
destructions of them? That kind of misunderstanding.
Darryl
Vijay Kumar K wrote:
We are using the OpenSSL library in our program and the lib version is: 0.9.7g.
Currently we are observing huge memory leaks in openssl. We are not
quite sure if there is anything wrong in the way opessl APIs are used
in our program. We used following set of OpeSSL APIs as part of the
cleanup.
SSL_shutdown(m_pSSL);
SSL_free(m_pSSL);
ERR_free_strings();
ERR_remove_state(0);
CRYPTO_mem_leaks_cb(crypto_mem_leak_cb);
SSL_CTX_free()
When we used "CRYPTO_mem_leaks_cb" it printed quite a number of
instances for the memory leak. Adding all of them its coming to the
order of 45KB memory leak. Here are a a few samples of such incidents.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
