'[openssl.org #2439] bug report: memory leak'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openssl-dev
Subject:    [openssl.org #2439] bug report: memory leak
From:       "Eugene Manko via RT" <rt () openssl ! org>
Date:       2011-01-25 19:17:25
Message-ID: rt-3.4.5-2266-1295983045-915.2439-21-0 () openssl ! org
[Download RAW message or body]

Hi there,



We wanted to submit a memory leak bug report and am not sure whether this is
the best way of doing so or whether we should fix it ourselves and then
submit bug fix to you guys?



Main memory leak that we are sure about is in ssl/ssl_ciph.c :
load_builtin_compressions function:



                     *ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);   // <-
leak*

                     if (ssl_comp_methods != NULL)

                           {

                           comp=(SSL_COMP *)OPENSSL_malloc(sizeof
(SSL_COMP));

                           if (comp != NULL)

                                  {

                                  comp->method=COMP_zlib();

                                  if (*comp->method*

*                                         && comp->method->type == NID_undef
*)  // <- Leak if this condition is not met

                                         OPENSSL_free(comp);

                                  else

                                         {

                                         comp->id=SSL_COMP_ZLIB_IDX;

                                         comp->name=comp->method->name;


sk_SSL_COMP_push(ssl_comp_methods,comp);

                                         }

                                  }

                           }





This results in two blocks 16 and 20 bytes not being freed. There are four
other blocks of bigger size that we are quite sure are leaks too but not yet
100% sure. Will confirm some time.



Please let me know if you require any further info.



Cheers.

Eugene Manko.


[Attachment #3 (text/html)]

<html><head><meta http-equiv="Content-Type" content="text/html; \
charset=us-ascii"><meta name="Generator" content="Microsoft Word 14 (filtered \
medium)"><style><!-- /* Font Definitions */
@font-face
	{font-family:"Cambria Math";
	panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
	{font-family:Calibri;
	panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
	{font-family:Consolas;
	panose-1:2 11 6 9 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
	{margin:0in;
	margin-bottom:.0001pt;
	font-size:11.0pt;
	font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
	{mso-style-priority:99;
	color:blue;
	text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
	{mso-style-priority:99;
	color:purple;
	text-decoration:underline;}
span.EmailStyle17
	{mso-style-type:personal-compose;
	font-family:"Calibri","sans-serif";
	color:windowtext;}
.MsoChpDefault
	{mso-style-type:export-only;
	font-family:"Calibri","sans-serif";}
@page WordSection1
	{size:8.5in 11.0in;
	margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
	{page:WordSection1;}
--></style></head><body lang="EN-US" link="blue" vlink="purple"><div \
class="WordSection1"><p class="MsoNormal">Hi there,</p><p class="MsoNormal"> </p><p \
class="MsoNormal">We wanted to submit a memory leak bug report and am not sure \
whether this is the best way of doing so or whether we should fix it ourselves and \
then submit bug fix to you guys?</p> <p class="MsoNormal"> </p><p \
class="MsoNormal">Main memory leak that we are sure about is in ssl/ssl_ciph.c : \
load_builtin_compressions function:</p><p class="MsoNormal"> </p><p class="MsoNormal" \
style="text-autospace:none"> <span style="font-size:9.5pt;font-family:Consolas">      \
<b>ssl_comp_methods=sk_SSL_COMP_new(sk_comp_cmp);   // &lt;- leak</b></span></p><p \
class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                     <span \
style="color:blue">if</span> (ssl_comp_methods != NULL)</span></p> <p \
class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                           \
{</span></p><p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                           \
comp=(SSL_COMP *)OPENSSL_malloc(<span \
style="color:blue">sizeof</span>(SSL_COMP));</span></p> <p class="MsoNormal" \
style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas">       \
<span style="color:blue">if</span> (comp != NULL)</span></p><p class="MsoNormal" \
style="text-autospace:none"> <span style="font-size:9.5pt;font-family:Consolas">      \
{</span></p><p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                                  \
comp-&gt;method=COMP_zlib();</span></p> <p class="MsoNormal" \
style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas">       \
<span style="color:blue">if</span> (<b>comp-&gt;method</b></span></p><p \
class="MsoNormal" style="text-autospace:none"> <b><span \
style="font-size:9.5pt;font-family:Consolas">                                         \
&amp;&amp; comp-&gt;method-&gt;type == NID_undef</span></b><span \
style="font-size:9.5pt;font-family:Consolas">)  // &lt;- Leak if this condition is \
not met</span></p> <p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                                         \
OPENSSL_free(comp);</span></p><p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                                  <span \
style="color:blue">else</span></span></p> <p class="MsoNormal" \
style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas">       \
{</span></p><p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                                         \
comp-&gt;id=SSL_COMP_ZLIB_IDX;</span></p> <p class="MsoNormal" \
style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas">       \
comp-&gt;name=comp-&gt;method-&gt;name;</span></p><p class="MsoNormal" \
style="text-autospace:none"> <span style="font-size:9.5pt;font-family:Consolas">      \
sk_SSL_COMP_push(ssl_comp_methods,comp);</span></p><p class="MsoNormal" \
style="text-autospace:none"><span style="font-size:9.5pt;font-family:Consolas">       \
}</span></p> <p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                                  \
}</span></p><p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas">                           }</span></p> \
<p class="MsoNormal" style="text-autospace:none"><span \
style="font-size:9.5pt;font-family:Consolas"> </span></p><p class="MsoNormal"> </p><p \
class="MsoNormal">This results in two blocks 16 and 20 bytes not being freed. There \
are four other blocks of bigger size that we are quite sure are leaks too but not yet \
100% sure. Will confirm some time.</p> <p class="MsoNormal"> </p><p \
class="MsoNormal">Please let me know if you require any further info.</p><p \
class="MsoNormal"> </p><p class="MsoNormal">Cheers.</p><p class="MsoNormal">Eugene \
Manko.</p></div></body></html>


______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       openssl-dev@openssl.org
Automated List Manager                           majordomo@openssl.org

[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic