Hi,
We have a memory leak in OpenSSL when encrypting text to AES-128,
followed by B64 encoding.
The basic case is that memory acquired for BIO_new() with b64 is not
freed by the corresponding BIO_free() call.
This is present in v 0.9.7 and v 1.0.0. Operating system is Windows 7 UE
64-bit, build is Visual Studio 2008, x86, but probably present in other
environments.
I've summarised the symptoms as:
Memory acquired traced in CRYPTO_malloc()
0x00847098   b64 BIO_new           Free (1)
0x00846d20                         Not freed
0x00846a20                         Not freed
0x00846a70                         Not freed
0x00846ac0                         Not freed
0x00887358                         Free (2)
0x00846b08   baes BIO_new          Free (3)
0x00887df0                         Free (4)
0x00886c20   bmem BIO_new          Free (5)
0x00886ca0                         Free (6)
0x00886e08   baes BIO_set_cypher   Free (7)
0x00886f38   b64 BIO_flush         Free (8)
             BIO_free_all baes
Corresponding frees traced in CRYPTO_free()
0x00886e08 (7)
0x00887df0 (4)
0x00846b08 (3)
0x00887358 (2)
0x00847098 (1)
0x00886f38 (8)
0x00886ca0 (6)
0x00886c20 (5)
Tracing (using debug build of v 1.0.0) where memory is acquired through
BIO_new for b64 BIO (Same thing, different addresses in this case).
0x01e97098 b64 BIO_new
0x01e96d20 x These are not freed
0x01e96a20 x
0x01e96a70 x
0x01e96ac0 x
0x01ed7358
0x01e96b08 baes BIO_new
Getting storage
b64 BIO_new
  0x01f37098
  BIO_set
    CRYPTO_new_ex_data
      int_new_ex_data
        def_get_class
          0x01f36d20 Not freed
          sk_new_null
            sk_new
              0x01f36a20 Not freed
              0x01f36a70 Not freed
          lh_insert
            0x01f36ac0 Not freed
    b64_new
      0x01f77358
Freeing storage acquired through BIO_new for b64 BIO
b64 BIO_free_all
  BIO_free
    CRYPTO_free_ex_data
      free_ex_data
        mx = sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); returns 0
        ad->sk == 0, so sk_void_free() not called
    b64_free
      0x01f77358 freed
    0x01f37098 freed
Please let me know if you require any further info.
Regards,
Graham Goodwin
______________________________________________________________________
OpenSSL Project http://www.openssl.org
Development Mailing List [email protected]
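Added example, not part of the original message: a small Python replay of the CRYPTO_malloc()/CRYPTO_free() trace above that lists which allocations are still outstanding and which call owns them. The addresses and labels are copied from the first trace in the message; the event format, the function names and the rule that an unlabelled allocation belongs to the preceding labelled call are assumptions of this example.

```python
from collections import OrderedDict

# Addresses and labels copied from the first trace in the message, in the
# order listed. A label marks the call during which that allocation (and the
# unlabelled ones after it) was made; that reading is an assumption.
ALLOCS = [
    (0x00847098, "b64 BIO_new"), (0x00846d20, None), (0x00846a20, None),
    (0x00846a70, None), (0x00846ac0, None), (0x00887358, None),
    (0x00846b08, "baes BIO_new"), (0x00887df0, None),
    (0x00886c20, "bmem BIO_new"), (0x00886ca0, None),
    (0x00886e08, "baes BIO_set_cypher"), (0x00886f38, "b64 BIO_flush"),
]
FREES = [0x00886e08, 0x00887df0, 0x00846b08, 0x00887358,
         0x00847098, 0x00886f38, 0x00886ca0, 0x00886c20]


def build_events(allocs, frees):
    """All mallocs in listed order, then all frees in listed order."""
    return ([("malloc", a, lbl) for a, lbl in allocs]
            + [("free", a, None) for a in frees])


def replay(events):
    """Replay events in order; return (live, anomalies).

    live maps each still-allocated address to its owning call. Replaying,
    rather than subtracting sets, stays correct when the allocator hands
    the same address out again after a free.
    """
    live, anomalies, owner = OrderedDict(), [], "unknown"
    for kind, addr, label in events:
        if kind == "malloc":
            owner = label or owner
            if addr in live:            # a free is missing from the trace
                anomalies.append(("malloc-of-live", addr))
            live[addr] = owner
        elif addr in live:
            del live[addr]
        else:                           # double free or untraced malloc
            anomalies.append(("free-of-unknown", addr))
    return live, anomalies


def report(live):
    """Group outstanding addresses by owning call."""
    by_owner = OrderedDict()
    for addr, owner in live.items():
        by_owner.setdefault(owner, []).append("0x%08x" % addr)
    return by_owner
```

Calling `report(replay(build_events(ALLOCS, FREES))[0])` groups the four outstanding addresses under `b64 BIO_new`, matching the "Not freed" rows in the message.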