I found the following memory leak in the function ENGINE_by_id in the
0.9.8-line of code. It also seems to be present in the current CVS version.

The leak occurs if the dynamic engine is used to automatically load an
engine not already registered in engine_list_head. If the engine cannot
be found (or any other control executed on the dynamic engine fails) it
just returns NULL without freeing the already allocated ENGINE structure
stored in the iterator variable.

This patch fixes the problem:

index bd51194..fa2ab97 100644
--- a/crypto/engine/eng_list.c
+++ b/crypto/engine/eng_list.c
@@ -412,6 +412,7 @@ ENGINE *ENGINE_by_id(const char *id)
                return iterator;
                }
 notfound:
+       ENGINE_free(iterator);
        ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE);
        ERR_add_error_data(2, "id=", id);
        return NULL;
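
Review bot: At the notfound: label, the new ENGINE_free(iterator) runs on every path that jumps there, so it will also run on any path where iterator is still NULL. Please confirm that ENGINE_free accepts a NULL argument without side effects, or guard the call with "if (iterator != NULL)". Because the call sits before ENGINEerr(ENGINE_F_ENGINE_BY_ID,ENGINE_R_NO_SUCH_ENGINE), anything ENGINE_free itself puts on the error queue would land ahead of the NO_SUCH_ENGINE entry. A one-line comment at the label stating that this function still owns iterator at that point would make the ownership rule clear to the next reader.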

The problem can be reproduced by calling ENGINE_by_id with an unknown
engine name as argument and checking the memory usage using the usual
openssl calls.  Here is a short example that triggers the bug and can be
used to check the bugfix:

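#include <stdio.h>

#include <openssl/crypto.h>
#include <openssl/engine.h>
#include <openssl/err.h>
#include <openssl/evp.h>
#include <openssl/objects.h>

int main(void)
{
        ENGINE *engine = NULL;

        /* Turn on allocation tracking so leaks can be reported at exit */
        CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);

        CRYPTO_malloc_init();
        ERR_load_crypto_strings();
        ENGINE_load_builtin_engines();

        /* Unknown id: the lookup falls back to the dynamic engine and fails */
        engine = ENGINE_by_id("no-such-engine");
        if(engine) ENGINE_free(engine);

        /* Release all library state so only real leaks remain */
        EVP_cleanup();
        ENGINE_cleanup();
        OBJ_cleanup();
        CRYPTO_cleanup_all_ex_data();
        ERR_remove_state(0);
        ERR_free_strings();

        /* Print any allocations that are still outstanding */
        CRYPTO_mem_leaks_fp(stderr);
        return 0;
}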


Here is the output of "make report" (stored as testlog):

OpenSSL self-test report:

OpenSSL version:  0.9.8j
Last change:      Properly check EVP_VerifyFinal() and similar return val...
Options:          enable-montasm no-camellia no-capieng no-cms no-gmp no-jpake no-krb5 no-mdc2 no-rc5 no-rfc3779 no-seed no-shared no-zlib no-zlib-dynamic
OS (uname):       Linux sina-as-dev2 2.6.17.14-64gb #3 SMP PREEMPT Fri Jul 4 08:24:38 CEST 2008 i686 GNU/Linux
OS (config):      i686-whatever-linux2
Target (default): linux-elf
Target:           debug-linux-elf-noefence
Compiler:         Using built-in specs.
Target: i486-linux-gnu
Configured with: ../src/configure -v --enable-languages=c,c++,fortran,objc,obj-c++,treelang --prefix=/usr --enable-shared --with-system-zlib --libexecdir=/usr/lib --without-included-gettext --enable-threads=posix --enable-nls --program-suffix=-4.1 --enable-__cxa_atexit --enable-clocale=gnu --enable-libstdcxx-debug --enable-mpfr --with-tune=i686 --enable-checking=release i486-linux-gnu
Thread model: posix
gcc version 4.1.2 20061115 (prerelease) (Debian 4.1.1-21)

Test passed.



        Torsten Hilbrich


