James Yonan wrote: > > I have an application which creates and destroys many SSL objects using > SSL_new and SSL_free. The SSL objects are bound to memory BIOs rather > than sockets. Here is a brief annotation of the relevent sections of code > (with error checks removed): > > ks->ssl = SSL_new (ssl_ctx); > > ks->ssl_bio = BIO_new (BIO_f_ssl()); > ks->ciphertext_in = BIO_new (BIO_s_mem ()); > ks->ciphertext_out = BIO_new (BIO_s_mem ()); > > if (server) > SSL_set_accept_state (ks->ssl); > else > SSL_set_connect_state (ks->ssl); > > SSL_set_bio (ks->ssl, ks->ciphertext_in, ks->ciphertext_out); > BIO_set_ssl (ks->ssl_bio, ks->ssl, BIO_NOCLOSE); > > /* DO SOMETHING */ > > SSL_free (ks->ssl); > > The problem is that each of these iterations causes OpenSSL to leak 10K or > more. At first I thought that maybe the BIOs returned by BIO_new need to > be explicitly freed, but then I saw that OpenSSL is freeing them on the > SSL_free call. > > 98212 file=buffer.c, line=67, number=12, address=0815D738 > 71750 file=bio_ssl.c, line=108, number=24, address=081B3AB8 > 32120 file=buffer.c, line=110, number=1868, address=08199A50 > 72332 file=bio_lib.c, line=73, number=64, address=08170740 > 701884 bytes leaked in 1960 chunks > > After many iterations, the amount of memory leaked is substantial. All of > the leaks are occurring at one of these 4 locations (above) in the code > (openssl-0.9.6c) which I obtained by building OpenSSL with CRYPTO_MDEBUG > defined. >
If you are just iterating that code then you aren't freeing those BIOs you created. Steve. -- Dr Stephen N. Henson. http://www.drh-consultancy.demon.co.uk/ Personal Email: [EMAIL PROTECTED] Senior crypto engineer, Gemplus: http://www.gemplus.com/ Core developer of the OpenSSL project: http://www.openssl.org/ Business Email: [EMAIL PROTECTED] PGP key: via homepage. ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
