Hi, On Sat, 18 Feb 2012 12:47:34 +0800 (CST) "Ziyu Liu" <lzyz...@126.com> wrote:
> I think you may call the function [X509 *SSL_get_peer_certificate(const SSL > *s)] > to get a peer's certificate, but you have freed this certificate. > SSL_get_peer_certificate will increase the reference count of this > certificate and finally you will find that you haven't freed this > certificate's memory.Call X509_free after you have used the certificate > that ssl feeds. Thanks for your suggestion. Unfortunately I'm not calling SSL_get_peer_certificate. The only additional function calls are these when the leak occurs in case of an invalid cert: X509_STORE_CTX_get_error() X509_verify_cert_error_string() These should not increase the refcount. The server code does not leak when the client presents a valid certificate. Regards, Botond > > > > > > > At 2012-02-18 05:25:55,"Botond Botyanszki" <b...@siliconium.net> wrote: > >Hi, > > > >I'm experiencing a memory leak in my server code using openssl 1.0.0g > >when a client with a self-signed cert tries to connect and is refused. > >Valgrind's massif traces this back to ssl3_get_client_certificate() > >at s3_srvr.c:2956, such as the following: > > > >| ->10.77% (4,116,792B) 0x5364BC3: asn1_item_ex_combine_new (tasn_new.c:191) > >| | ->08.39% (3,206,136B) 0x5367605: ASN1_item_ex_d2i (tasn_dec.c:400) > >| | | ->05.81% (2,219,640B) 0x5367B3F: asn1_template_noexp_d2i > >(tasn_dec.c:706) > >| | | | ->04.47% (1,707,408B) 0x5367EEA: asn1_template_ex_d2i > >(tasn_dec.c:607) > >| | | | | ->04.47% (1,707,408B) 0x536773B: ASN1_item_ex_d2i (tasn_dec.c:195) > >| | | | | ->04.47% (1,707,408B) 0x5367B3F: asn1_template_noexp_d2i > >(tasn_dec.c:706) > >| | | | | ->04.47% (1,707,408B) 0x5367EEA: asn1_template_ex_d2i > >(tasn_dec.c:607) > >| | | | | ->04.47% (1,707,408B) 0x536773B: ASN1_item_ex_d2i > >(tasn_dec.c:195) > >| | | | | ->04.47% (1,707,408B) 0x53607D3: x509_name_ex_d2i > >(x_name.c:186) > >| | | | | ->04.47% (1,707,408B) 0x5367051: ASN1_item_ex_d2i > >(tasn_dec.c:239) > >| | | | | ->04.47% (1,707,264B) 0x5367C8F: > >asn1_template_noexp_d2i (tasn_dec.c:746) > >| | | | | | ->03.57% (1,365,984B) 0x5367EEA: > >asn1_template_ex_d2i (tasn_dec.c:607) > >| | | | | | | ->03.57% (1,365,984B) 0x5367342: ASN1_item_ex_d2i > >(tasn_dec.c:448) > >| | | | | | | ->03.57% (1,365,984B) 0x5367C8F: > >asn1_template_noexp_d2i (tasn_dec.c:746) > >| | | | | | | ->03.57% (1,365,984B) 0x5367EEA: > >asn1_template_ex_d2i (tasn_dec.c:607) > >| | | | | | | ->03.57% (1,365,984B) 0x5367342: > >ASN1_item_ex_d2i (tasn_dec.c:448) > >| | | | | | | ->03.57% (1,365,984B) 0x5368022: > >ASN1_item_d2i (tasn_dec.c:136) > >| | | | | | | ->03.57% (1,364,544B) 0x587AF12: > >ssl3_get_client_certificate (s3_srvr.c:2956) > >| | | | | | | | ->03.57% (1,364,544B) 0x587C206: > >ssl3_accept (s3_srvr.c:519) > >| | | | | | | | ->03.57% (1,364,544B) 0x5885D80: > >ssl3_read_bytes (s3_pkt.c:941) > >| | | | | | | | ->03.57% (1,364,544B) 0x5882AC8: > >ssl3_read (s3_lib.c:3274) > > > >After the disconnection I'm calling SSL_free() and SSL_CTX_free() but it > >looks like the X509 structures allocated by ssl3_get_client_certificate() > >are still leaked. Do I need to call something in addition in order to > >have this freed? Otherwise I suspect that this is a leak in openssl. > > > >Regards, > >Botond > >______________________________________________________________________ > >OpenSSL Project http://www.openssl.org > >User Support Mailing List openssl-users@openssl.org > >Automated List Manager majord...@openssl.org ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org
