[Bug 63077] New: Memory leak if SSLUseStapling is on

Tue, 15 Jan 2019 01:28:46 -0800 

https://bz.apache.org/bugzilla/show_bug.cgi?id=63077

            Bug ID: 63077
           Summary: Memory leak if SSLUseStapling is on
           Product: Apache httpd-2
           Version: 2.4.37
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P2
         Component: mod_ssl
          Assignee: [email protected]
          Reporter: [email protected]
  Target Milestone: ---

Created attachment 36376
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=36376&action=edit
output of valgrind. Look for line 9115

Hi,

valgrind reports a leak when enabling SSLUseStapling. I did install httpd and
set those attributes:

SSLUseStapling   on
SSLStaplingCache shmcb:/tmp/stapling_cache(16384)
SSLStaplingStandardCacheTimeout 1



after several requests like:
printf "" | openssl s_client -connect localhost:443 -CAfile
/var/opt/OpenSSLCA/CA/ca/cert/ca.pem -status

my host did run out of memory.


With valgrind I can see this (after a single request: openssl s_client -connect
localhost:443 -CAfile /var/opt/OpenSSLCA/CA/ca/cert/ca.pem -status)

Without stapling:
==25377== LEAK SUMMARY:
==25377== definitely lost: 0 bytes in 0 blocks
==25377== indirectly lost: 0 bytes in 0 blocks

With stapling:
==24345== LEAK SUMMARY:
==24345== definitely lost: 16 bytes in 1 blocks
==24345== indirectly lost: 1,844 bytes in 5 blocks


So there seems to be a leak somewhere in mod_ssl. 

Find attached the valgrind output.


Thank you for investigating this leak.

Best Regards
        Paolo Ganci


paolo@localhost:~> /var/opt/httpd/bin/httpd -V
Server version: Apache/2.4.37 (Unix)
Server built:   Jan 14 2019 12:42:25
Server's Module Magic Number: 20120211:83
Server loaded:  APR 1.6.5, APR-UTIL 1.6.1
Compiled using: APR 1.6.5, APR-UTIL 1.6.1
Architecture:   64-bit
Server MPM:     worker
  threaded:     yes (fixed thread count)
    forked:     yes (variable process count)
Server compiled with....
 -D APR_HAS_SENDFILE
 -D APR_HAS_MMAP
 -D APR_HAVE_IPV6 (IPv4-mapped addresses enabled)
 -D APR_USE_SYSVSEM_SERIALIZE
 -D APR_USE_PTHREAD_SERIALIZE
 -D SINGLE_LISTEN_UNSERIALIZED_ACCEPT
 -D APR_HAS_OTHER_CHILD
 -D AP_HAVE_RELIABLE_PIPED_LOGS
 -D DYNAMIC_MODULE_LIMIT=256
 -D HTTPD_ROOT="/var/opt/httpd"
 -D SUEXEC_BIN="/var/opt/httpd/bin/suexec"
 -D DEFAULT_PIDLOG="logs/httpd.pid"
 -D DEFAULT_SCOREBOARD="logs/apache_runtime_status"
 -D DEFAULT_ERRORLOG="logs/error_log"
 -D AP_TYPES_CONFIG_FILE="conf/mime.types"
 -D SERVER_CONFIG_FILE="conf/httpd.conf"

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to