[guest - Tue Mar 23 20:10:43 2004]: > I have narrowed it down to the function BN_BLINDING_new in the file > crypto\bn\bn_blind.c, the memory allocated for the BN_BLINDING > structure never gets freed. I am assuming that the BIGNUM structures > allocated with BN_new inside of BN_BLINDING never gets freed also. > > Here are my test results after running 24 hours monitoring the > OPENSSL_malloc and OPENSSL_free calls: > > 1. BN_BLINDING � allocations 53,615, frees 0, outstanding 53,615 > 2. BN_new � allocations 8,347,200, frees 8,127,872 outstanding 219,328 > 3. I also track the heap and it grows proportional to the lack of BN > frees > 4. This bug has been re-produced in OpenSSL 0.9.79(b&c) in > Apache/mod_ssl/OpenSSL - Apache 2.0.48 > > Is there anyone out there willing to help out that understands the big > number code? Can anyone at least tell me if Apache/mod_ssl/OpenSSL > needs to initialize some kind of callback? Like > CRYPTO_set_locking_callback <- Just an example, this is in the code, > are there any other callbacks anyone can think of to get the OpenSSL > code to release the BN memory? >
I ran tests on 0.9.7d last night and the BL_BLINDING mallocs are now being freed ______________________________________________________________________ OpenSSL Project http://www.openssl.org Development Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]
