[openssl.org #2673] Bug report: OpenSSL Memory leak in B64 encode

Tue, 10 Jan 2012 12:28:52 -0800 

Hi Steve,



Not tried that. Our implementation is all via the BIO calls, eg.



    BIO                *b64    = BIO_new(BIO_f_base64()),

                       *baes   = BIO_new(BIO_f_cipher()),

                       *bmem   = BIO_new(BIO_s_mem());

...

...



    BIO_set_cipher(baes, 

                   EVP_aes_128_cbc(), 

                   (unsigned char *) key, 

                   (unsigned char *)pinitvector, 

                   AES_ENCRYPT);

    b64 = BIO_push(baes, b64);

    b64 = BIO_push(b64, bmem); 

    BIO_write(b64, (const char *) pwk, len);    <---- pwk -> plaintext, len = 
plaintext length

    BIO_flush(b64);

...

...

    BIO_free_all(b64);

    Return;     



All the calls described in my synopsis are made within the OpenSSL library code 
itself.



Where would you suggest that I call CRYPTO_cleanup_all_ex_data()?



Regards,

Graham



-----Original Message-----

From: Stephen Henson via RT [mailto:[email protected]]

Sent: 10 January 2012 20:07

To: Goodwin, Graham

Cc: [email protected]

Subject: [openssl.org #2673] Bug report: OpenSSL Memory leak in B64 encode 



> [[email protected] - Thu Jan 05 14:40:08 2012]:

> 

> Hi,

> 

> We have a memory leak in OpenSSL when encrypting text to AES-128, 

> followed by B64 encoding.

> 

> The basic case is that memory aquired for BIO_new() with b64 is not 

> freed by the corresponding BIO_free() call.

> 

> This is present in v 0.9.7 and v 1.0.0. Operating system is Windows 7 

> UE 64-bit, build is Visual Studio 2008, x86, but probably present in 

> other environments.

> 

> I've summarised the symptoms as:

> 

> 

> Freeing storage aquired through BIO_new for b64 BIO

> 

> b64           BIO_free_all            

>                       BIO_free        

>                               CRYPTO_free_ex_data

>                                       free_ex_data 

>                                               mx =

> sk_CRYPTO_EX_DATA_FUNCS_num(item->meth); returns 0

>                                               ad->sk == 0, so

> sk_void_free() not called             

>                               b64_free

>                                       0x01f77358 freed

> 

>                               0x01f37098 freed

> 

> Please let me know if you require any further info.

> 



Have you tried calling CRYPTO_cleanup_all_ex_data()?



Steve.

--

Dr Stephen N. Henson. OpenSSL project core developer.

Commercial tech support now available see: http://www.openssl.org



______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [email protected]
Automated List Manager                           [email protected]

Reply via email to