Thanks a bunch. This helps me look in the right direction. This exercise was more of a “how do things work in general” kind to get a better understanding of the data flows.
It was just odd that when I grep searched the GitWeb that there was not a single define or typedef that described how PKCS7_free is supposed to work, whereas for other functions, one can trace it from the high level function to the root, e.g., sk_OPENSSL_STRING_num(st) ==> SKM_sk_num(type, st) ==> CHECKED_STACK_OF(type, p) ==> sk_num(const _STACK *st) On May 25, 2014, at 9:07 PM, Tom Francis <fr...@tcsaf.com> wrote: > > On May 25, 2014, at 10:15 AM, Han Sooloo <hansoo...@gmail.com> wrote: > >> Trying to understand how the crl2p7.c application allocates PKCS7 pointers. >> I see the PKCS7_new() function and it makes sense. >> >> However, I cannot find the definition of PKCS7_free(). The only place it >> shows up is in libeay.num as "PKCS7_free 444 >> EXIST::FUNCTION:” >> >> 2 questions: >> 1. What does the above declaration in libeay.num mean? >> 2. What is the definition of PKCS7_free()? How does it free memory pointed >> to by a PKCS7 data structure? > > Most of the structures that are defined as ASN.1 structures (including PKCS7) > have methods like _free implemented through a macro. You can search for the > definition of the IMPLEMENT_ASN1_FUNCTIONS macro (in crypto/asn1/asn1t.h) for > more info, but IIRC, it uses ASN1_item_free() which ultimately uses > OPENSSL_free() for (nearly?) everything inside (some structures (but not, > IIRC, PKCS7) will also have OPENSSL_cleanse invoked proper to releasing the > memory, and there’s a patch that will apply that more frequently). Some > structures use their own customer _new or _free methods, but I didn’t think > PKCS7 used a custom _new (and I don’t see one in 1.0.1g). In general, > though, if you’re manipulating the members of the structure directly, you > should be sure to allocate any buffers with OPENSSL_malloc() before assigning > them to members of the structure, as PKCS7_free will assume it can release > the buffers with OPENSSL_free(). I always find it simpler to not touch any > members directly, but use the methods and macros defined in pkcs7.h. They > should duplicate any buffers that PKCS7_free() expects to free on its own, so > it’ll be safe to release your buffers without worry. > > TOM > >> >> ______________________________________________________________________ >> OpenSSL Project http://www.openssl.org >> User Support Mailing List openssl-users@openssl.org >> Automated List Manager majord...@openssl.org >> > ______________________________________________________________________ > OpenSSL Project http://www.openssl.org > User Support Mailing List openssl-users@openssl.org > Automated List Manager majord...@openssl.org
