Further investigation shows that if the request has no subjectName, then
there is no memory leak.  I infer that there's some memory allocated
that is not freed either internally or by X509_REQ_free().
 
Any advice?
 
Thanks,
 
Paul 
________________________________

From: [email protected]
[mailto:[email protected]] On Behalf Of Paul Suhler
Sent: Thursday, May 28, 2009 2:44 PM
To: [email protected]
Subject: Memory Leak Creating a CSR



Hi. 

Using OpenSSL 0.9.8i, I'm getting a memory leak when I create a CSR.  My
process is taken more-or-less from the Viega, et al. book:

Initial: 
X509_REQ_new() to get the request structure 
OPENSSL_malloc(1) to add a byte to the request for the version 

RSA Key: 
RSA_new() for an RSA structure 
BN_bin2bn() a number of times to add the public and private keys and
intermediate values 
EVP_PKEY_new() for an EVP structure 
EVP_PKEY_assign_RSA() 
X509_REQ_set_pubkey() to attach the key to the request 

subjectName: 
X509_NAME_new() 
X509_NAME_add_entry_by_NID() six times to add the components of the
name 
X509_REQ_set_subject_name() to attach the name to the request 

Creation: 
X509_REQ_sign() to sign the request 
BIO_new(BIO_s_mem()) to create a memory BIO to receive the DER-encoded
CSR 
i2d_X509_REQ_bio() to write the DER 
BIO_get_mem_data() to get the location of the data 
memcpy() to copy the DER from the BIO to the destination buffer 

Cleanup: 
BIO_free() 
EVP_PKEY_free() 
X509_REQ_free() 

However, each time I do this, the allocated memory increases by about
800 to 1000 bytes. If I do it enough, CRYPTO_malloc() eventually fails.
If I don't include the subjectName, then the increase is much less, but
I *think* there's still a leak.

Is there additional structure freeing that I should be doing? 

Thanks very much, 

Paul 
___________________________________
Paul A. Suhler | Firmware Engineer | Quantum Corporation | Office:
949.856.7748 | [email protected] <mailto:[email protected]>

___________________________________
Disregard the Quantum Corporation confidentiality notice below.  The
information contained in this transmission is not confidential.
Permission is hereby explicitly granted to disclose, copy, and further
distribute to any individuals or organizations, without restriction.
