From: "Ivan Visconti" <[EMAIL PROTECTED]>

visiva> the memory is not freed (before the second scanf)
visiva> while in this simple program
visiva> 
visiva> main() {
visiva>   int i;
visiva>   char *s=malloc(1000000);
visiva>   memset(s,0,1000000);
visiva>   scanf("%d",&i);
visiva>   s=realloc(s,2000000);
visiva>   memset(s,0,2000000);
visiva>   scanf("%d",&i);
visiva>   s=realloc(s,3000000);
visiva>   memset(s,0,3000000);
visiva>   scanf("%d",&i);
visiva>   s=realloc(s,4000000);
visiva>   memset(s,0,4000000);
visiva>   scanf("%d",&i);
visiva>   free(s);
visiva>   scanf("%d",&i);
visiva> }
visiva> 
visiva> Before the last scanf the memory is freed.

A good implementation of realloc() will see that the top of the heap
comes right after the area that s points at, and will simply extend
it.  And even without that, the area pointed at by s will still be at
the top of the heap, with a big hole below it.  When it is free'd, the
heap will be just one big hole, and of course, memory can be returned
to the system.

A better test would be the following:

#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(void)
{
        int i;
        char *s1 = malloc(1000000);
        char *s2 = malloc(1000000);

        memset(s1,0,1000000);
        memset(s2,0,1000000);

        scanf("%d",&i);
        free(s1); /* this creates a big hole, but since the area
                        pointed at by s2 is above this one, no memory
                        can be returned to the system */

        scanf("%d",&i);
        free(s2); /* Now, since this is at the top of the heap, both
                        this area and the hole that was there when s1
                        got free()'d can now be returned to the system
                        */

        scanf("%d",&i);
        return 0;
}


After the first free(), you'll probably not get a change in memory
consumption.  After the second free(), it's a different story.

Back to the "simple" program, you could try the following:

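#include <stdio.h>
#include <openssl/crypto.h>
#include <openssl/ssl.h>
#include <openssl/x509.h>

int main(void) {
  int i;
  STACK_OF(X509_NAME) *s;

  /* turn on OpenSSL's allocation tracking before anything is allocated */
  CRYPTO_malloc_debug_init();
  CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

  s=SSL_load_client_CA_file("cert.pem");
  CRYPTO_mem_leaks_fp(stderr);  /* what is allocated after loading */

  scanf("%d",&i);

  sk_X509_NAME_pop_free(s,X509_NAME_free);
  CRYPTO_mem_leaks_fp(stderr);  /* what remains after freeing the stack */

  scanf("%d",&i);
  return 0;
}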

Then you can see, after each step, what was actually allocated, and
what actually remains...

It's also possible that you get an error (you never check if s got
NULL), so you might end up with an error state, which is also
allocated on the heap.  The following statement will clear it up:

        ERR_remove_state(0);

-- 
Richard Levitte   \ Spannvägen 38, II \ [EMAIL PROTECTED]
Chairman@Stacken   \ S-168 35  BROMMA  \ T: +46-8-26 52 47
Redakteur@Stacken   \      SWEDEN       \ or +46-708-26 53 44
Procurator Odiosus Ex Infernis             -- [EMAIL PROTECTED]
           Member of the OpenSSL development team

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
Development Mailing List                       [EMAIL PROTECTED]
Automated List Manager                           [EMAIL PROTECTED]
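
The s1/s2 experiment from the message, measured from inside the process with sbrk(0) instead of being watched from outside at each scanf(). This is an added example, not part of the original message or of OpenSSL. It assumes 64-bit glibc on Linux: by default glibc serves requests this large with mmap() and unmaps them on free(), so the example raises M_MMAP_THRESHOLD to keep them on the brk heap; trace_heap_top and struct brk_trace are names made up for this example.

```c
#define _DEFAULT_SOURCE            /* exposes sbrk() in <unistd.h> */
#include <malloc.h>                /* mallopt(): glibc-specific (assumption) */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define AREA 1000000               /* allocation size used in the message */

struct brk_trace {                 /* growth of the program break, in bytes */
    long after_alloc;              /* both areas allocated */
    long after_free_s1;            /* s1 freed: a hole below s2 */
    long after_free_s2;            /* s2 freed: free space reaches the heap top */
};

static long brk_delta(const char *base)
{
    return (long)((const char *)sbrk(0) - base);
}

/* Hypothetical helper for this example. Returns 0 on success, -1 on error. */
int trace_heap_top(struct brk_trace *t)
{
    /* Assumption: keep 1 MB requests on the brk heap, trim eagerly, no padding. */
    if (!mallopt(M_MMAP_THRESHOLD, 4 * 1024 * 1024) ||
        !mallopt(M_TRIM_THRESHOLD, 128 * 1024) || !mallopt(M_TOP_PAD, 0))
        return -1;

    const char *base = sbrk(0);
    char *volatile s1 = malloc(AREA);  /* volatile: the compiler must not */
    char *volatile s2 = malloc(AREA);  /* elide the malloc/free pairs     */
    if (s1 == NULL || s2 == NULL) { free(s1); free(s2); return -1; }
    memset(s1, 0, AREA);
    memset(s2, 0, AREA);
    t->after_alloc = brk_delta(base);

    free(s1);                      /* s2 still sits above the hole */
    t->after_free_s1 = brk_delta(base);
    free(s2);                      /* merges with the hole and the heap top */
    t->after_free_s2 = brk_delta(base);
    return 0;
}

int main(void)
{
    struct brk_trace t;
    if (trace_heap_top(&t) != 0) return 1;
    printf("break growth: alloc %ld, free(s1) %ld, free(s2) %ld\n",
           t.after_alloc, t.after_free_s1, t.after_free_s2);
    return 0;
}
```

With the default mmap threshold the break does not move at all for these sizes, and each free() returns its area to the system immediately.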