I can see this code in s3_lib.c

                if (ctx->srp_ctx.login != NULL)
                        OPENSSL_free(ctx->srp_ctx.login);

while tls_srp.c does not have the NULL check before calling free. I
added the NULL check in tls_srp.c and I am not seeing the crash
anymore. Is this the fix or is there something more to this?

Regards,
Sudarshan

On Fri, May 25, 2012 at 5:00 PM, Sudarshan Raghavan
<sudarshan.t.ragha...@gmail.com> wrote:
> I enabled debug symbols in openssl and this is what I am seeing
>
>
> #3  0x0828bd74 in CUSTOM_FREE (oldMem=0x0) at ssl_mem.c:34
> #4  0xb758e160 in CRYPTO_free (str=0x0) at mem.c:397
> #5  0xb773520c in SSL_SRP_CTX_free (s=0xb3e4f300) at tls_srp.c:102
> #6  0xb77091c0 in ssl3_free (s=0xb3e4f300) at s3_lib.c:2995
> #7  0xb7712486 in tls1_free (s=0xb3e4f300) at t1_lib.c:165
> #8  0xb77265f2 in SSL_free (s=0xb3e4f300) at ssl_lib.c:586
>
> tls_srp.c :102 is this
>
> OPENSSL_free(s->srp_ctx.login);
>
> Regards,
> Sudarshan
>
> On Thu, May 24, 2012 at 7:23 PM, Dr. Stephen Henson <st...@openssl.org> wrote:
>> On Thu, May 24, 2012, Sudarshan Raghavan wrote:
>>
>>> Hi,
>>>
>>> I am using CRYPTO_set_mem_functions to use our own custom memory
>>> routines in a non blocking proxy implementation. This was working fine
>>> in 0.9.8 and 1.0.0 but with 1.0.1c I can see that the custom free
>>> routine is being invoked with a NULL argument after calling SSL_free
>>> and this results in the proxy crashing.
>>>
>>> #3  0x0828bd24 in CUSTOM_FREE (oldMem=0x0) at custom_mem.c:340
>>> #4  0xb75342b4 in CRYPTO_free () from
>>> /home/product/code/firmware/current/lib/openssl1.0/lib/libcrypto.so.1.0.0
>>> #5  0x00000000 in ?? ()
>>>
>>> This happens every time the SSL connection is torn down. If I don't
>>> use CRYPTO_set_mem_functions it works fine. I am assuming the default
>>> free routine ignores a NULL argument. Is it an expectation from the
>>> custom free routine to also ignore NULL? I can provide more
>>> information if needed. Can someone help me debug this problem?
>>>
>>
>> Well you need to compile OpenSSL with debugging symbols and find precisely
>> where this is happening with a stack trace. OpenSSL shouldn't be attempting
>> to free a NULL so this is a bug which should be fixed.
>>
>> Steve.
>> --
>> Dr Stephen N. Henson. OpenSSL project core developer.
>> Commercial tech support now available see: http://www.openssl.org
>> ______________________________________________________________________
>> OpenSSL Project                                 http://www.openssl.org
>> User Support Mailing List                    openssl-users@openssl.org
>> Automated List Manager                           majord...@openssl.org
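
The thread turns on whether a custom free routine must tolerate NULL the way the C library's free() does. The following is an added example, not code from the thread or from OpenSSL: a header-prefixed tracking allocator of the kind that crashes on NULL unless it checks first. The names custom_malloc, custom_realloc, custom_free and custom_live_bytes are hypothetical.

```c
#include <stddef.h>
#include <stdlib.h>

/* Header placed in front of each block; the union keeps the user pointer
 * suitably aligned for any type. */
typedef union { size_t size; max_align_t align; } hdr_t;

static size_t live_bytes;   /* bytes currently handed out by these routines */

void *custom_malloc(size_t n)
{
    hdr_t *h;
    if (n > (size_t)-1 - sizeof(*h))   /* header + n would overflow */
        return NULL;
    h = malloc(sizeof(*h) + n);
    if (h == NULL)
        return NULL;
    h->size = n;
    live_bytes += n;
    return h + 1;
}

void custom_free(void *p)
{
    hdr_t *h;
    if (p == NULL)      /* same contract as free(NULL): do nothing.        */
        return;         /* Without this, p - 1 is read and the proxy dies. */
    h = (hdr_t *)p - 1;
    live_bytes -= h->size;
    free(h);
}

void *custom_realloc(void *p, size_t n)
{
    hdr_t *h;
    size_t old;
    if (p == NULL)      /* same contract as realloc(NULL, n) */
        return custom_malloc(n);
    if (n > (size_t)-1 - sizeof(*h))
        return NULL;
    old = ((hdr_t *)p - 1)->size;
    h = realloc((hdr_t *)p - 1, sizeof(*h) + n);
    if (h == NULL)
        return NULL;    /* original block is still valid and still counted */
    h->size = n;
    live_bytes = live_bytes - old + n;
    return h + 1;
}

size_t custom_live_bytes(void) { return live_bytes; }
/* With the 1.0.x API used in the thread these would be registered as
 * CRYPTO_set_mem_functions(custom_malloc, custom_realloc, custom_free). */
```
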