Re: [openssl-dev] libcryto 1.1 leaks since old locks are removed

Sat, 19 Mar 2016 00:50:48 -0700 

FYI, I have a fix for this but it is currently stalled in review due to
another related issue. Interim patch attached.

Matt


On 16/03/16 22:11, Michel wrote:
> Hi,
> 
>  
> 
> As in my previous post, libcrypto still leaks with OpenSSL version 1.1.0
> pre release 4.
> 
> Here is an example with the same test program that was running fine
> before I removed the old locking “stuff”.
> 
>  
> 
> Detected memory leaks!
> 
> Dumping objects ->
> 
> {1418} normal block at 0x0064EF98, 24 bytes long.
> 
> Data: <  d             > 98 1F 64 00 FF FF FF FF 00 00 00 00 00 00 00 00
> 
> {703} normal block at 0x00641E40, 24 bytes long.
> 
> Data: <x d             > 78 1E 64 00 FF FF FF FF 00 00 00 00 00 00 00 00
> 
> Object dump complete.
> 
> Debug Error!
> 
>  
> 
> ---------- Block 703 at 0x00641E40: 24 bytes ----------
> 
>   Leak Hash: 0x95EDDA21, Count: 1, Total 24 bytes
> 
>   Call Stack (TID 7140):
> 
>     ntdll.dll!RtlAllocateHeap()
> 
>     f:\dd\vctools\crt\crtw32\misc\dbgmalloc.c (56):
> TestsTLS-11.exe!malloc() + 0x15 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\mem.c (140):
> TestsTLS-11.exe!CRYPTO_malloc() + 0x9 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\mem.c (148):
> TestsTLS-11.exe!CRYPTO_zalloc() + 0x11 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\threads_win.c (57):
> TestsTLS-11.exe!CRYPTO_THREAD_lock_new() + 0xE bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\err\err.c (393):
> TestsTLS-11.exe!do_err_strings_init() + 0x5 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\threads_win.c (117):
> TestsTLS-11.exe!CRYPTO_THREAD_run_once()
> 
>     e:\openssl-1.1.0-pre4\crypto\err\err.c (711):
> TestsTLS-11.exe!ERR_func_error_string() + 0xF bytes
> 
>     e:\openssl-1.1.0-pre4\ssl\ssl_err.c (716):
> TestsTLS-11.exe!ERR_load_SSL_strings() + 0x14 bytes
> 
>     e:\openssl-1.1.0-pre4\ssl\ssl_init.c (180):
> TestsTLS-11.exe!ossl_init_load_ssl_strings()
> 
>     e:\openssl-1.1.0-pre4\crypto\threads_win.c (117):
> TestsTLS-11.exe!CRYPTO_THREAD_run_once()
> 
>     e:\openssl-1.1.0-pre4\ssl\ssl_init.c (258):
> TestsTLS-11.exe!OPENSSL_init_ssl() + 0x2B bytes
> 
>     e:\openssl-1.1.0-pre4\ssl\ssl_lib.c (2359):
> TestsTLS-11.exe!SSL_CTX_new() + 0xE bytes
> 
>     p:\mes programmes\shared\ocrypto-11\tls.cpp (95):
> TestsTLS-11.exe!OTLS::TLSCtx::SetMinTLSVer() + 0x9 bytes
> 
>     p:\mes programmes\tests\_testsshared\teststls-11\testtls.cpp (63):
> TestsTLS-11.exe!main() + 0xC bytes
> 
>     f:\dd\vctools\crt\crtw32\startup\crt0.c (165):
> TestsTLS-11.exe!mainCRTStartup()
> 
>  
> 
> ---------- Block 1418 at 0x0064EF98: 24 bytes ----------
> 
>   Leak Hash: 0x9FBB4D3C, Count: 1, Total 24 bytes
> 
>   Call Stack (TID 7140):
> 
>     ntdll.dll!RtlAllocateHeap()
> 
>     f:\dd\vctools\crt\crtw32\misc\dbgmalloc.c (56):
> TestsTLS-11.exe!malloc() + 0x15 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\mem.c (140):
> TestsTLS-11.exe!CRYPTO_malloc() + 0x9 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\mem.c (148):
> TestsTLS-11.exe!CRYPTO_zalloc() + 0x11 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\threads_win.c (57):
> TestsTLS-11.exe!CRYPTO_THREAD_lock_new() + 0xE bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\ex_data.c (143):
> TestsTLS-11.exe!do_ex_data_init() + 0x5 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\threads_win.c (117):
> TestsTLS-11.exe!CRYPTO_THREAD_run_once()
> 
>     e:\openssl-1.1.0-pre4\crypto\ex_data.c (160):
> TestsTLS-11.exe!get_and_lock() + 0xF bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\ex_data.c (243):
> TestsTLS-11.exe!CRYPTO_get_ex_new_index() + 0x9 bytes
> 
>     e:\openssl-1.1.0-pre4\ssl\ssl_cert.c (146):
> TestsTLS-11.exe!ssl_x509_store_ctx_init() + 0x14 bytes
> 
>     e:\openssl-1.1.0-pre4\crypto\threads_win.c (117):
> TestsTLS-11.exe!CRYPTO_THREAD_run_once()
> 
>     e:\openssl-1.1.0-pre4\ssl\ssl_cert.c (152):
> TestsTLS-11.exe!SSL_get_ex_data_X509_STORE_CTX_idx() + 0xF bytes
> 
>     e:\openssl-1.1.0-pre4\ssl\ssl_lib.c (2367):
> TestsTLS-11.exe!SSL_CTX_new() + 0x5 bytes
> 
>     p:\mes programmes\shared\ocrypto-11\tls.cpp (95):
> TestsTLS-11.exe!OTLS::TLSCtx::SetMinTLSVer() + 0x9 bytes
> 
>     p:\mes programmes\tests\_testsshared\teststls-11\testtls.cpp (63):
> TestsTLS-11.exe!main() + 0xC bytes
> 
>     f:\dd\vctools\crt\crtw32\startup\crt0.c (165):
> TestsTLS-11.exe!mainCRTStartup()
> 
>  
> 
> Regards,
> 
>  
> 
> Michel
> 
>  
> 
> 
> 

From 33eae4591fec8bfa08a150e4342b1ae813fe4143 Mon Sep 17 00:00:00 2001
From: Matt Caswell <m...@openssl.org>
Date: Fri, 11 Mar 2016 21:53:18 +0000
Subject: [PATCH] Ensure all locks are properly cleaned up

Some locks were not being properly cleaned up during close down.
---
 crypto/bio/b_addr.c                    |  8 +++++
 crypto/err/err.c                       |  8 +++--
 crypto/ex_data.c                       | 10 +++++--
 crypto/include/internal/bio.h          | 55 ++++++++++++++++++++++++++++++++++
 crypto/include/internal/cryptlib_int.h |  2 ++
 crypto/include/internal/err.h          |  1 +
 crypto/init.c                          |  5 +++-
 7 files changed, 83 insertions(+), 6 deletions(-)
 create mode 100644 crypto/include/internal/bio.h

diff --git a/crypto/bio/b_addr.c b/crypto/bio/b_addr.c
index 0a6c5e9..6b2a6da 100644
--- a/crypto/bio/b_addr.c
+++ b/crypto/bio/b_addr.c
@@ -56,6 +56,7 @@
 
 #include "bio_lcl.h"
 #include "internal/threads.h"
+#include "internal/bio.h"
 
 #ifndef OPENSSL_NO_SOCK
 #include <openssl/err.h>
@@ -853,4 +854,11 @@ int BIO_lookup(const char *host, const char *service,
 
     return ret;
 }
+
+void bio_cleanup(void)
+{
+    CRYPTO_THREAD_lock_free(bio_lookup_lock);
+    bio_lookup_lock = NULL;
+}
+
 #endif /* OPENSSL_NO_SOCK */
diff --git a/crypto/err/err.c b/crypto/err/err.c
index da6d3ee..6417e2c 100644
--- a/crypto/err/err.c
+++ b/crypto/err/err.c
@@ -113,6 +113,7 @@
 #include <string.h>
 #include <internal/cryptlib_int.h>
 #include <internal/threads.h>
+#include <internal/err.h>
 #include <openssl/lhash.h>
 #include <openssl/crypto.h>
 #include <openssl/buffer.h>
@@ -389,9 +390,12 @@ static void ERR_STATE_free(ERR_STATE *s)
 
 static void do_err_strings_init(void)
 {
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
     err_string_lock = CRYPTO_THREAD_lock_new();
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
+}
+
+void err_cleanup(void)
+{
+    CRYPTO_THREAD_lock_free(err_string_lock);
 }
 
 void ERR_load_ERR_strings(void)
diff --git a/crypto/ex_data.c b/crypto/ex_data.c
index 3088889..16019b1 100644
--- a/crypto/ex_data.c
+++ b/crypto/ex_data.c
@@ -108,7 +108,7 @@
  *
  */
 
-#include "internal/cryptlib.h"
+#include "internal/cryptlib_int.h"
 #include "internal/threads.h"
 #include <openssl/lhash.h>
 
@@ -139,9 +139,13 @@ static CRYPTO_ONCE ex_data_init = CRYPTO_ONCE_STATIC_INIT;
 
 static void do_ex_data_init(void)
 {
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_DISABLE);
     ex_data_lock = CRYPTO_THREAD_lock_new();
-    CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ENABLE);
+}
+
+void ex_data_cleanup(void)
+{
+    CRYPTO_THREAD_lock_free(ex_data_lock);
+    ex_data_lock = NULL;
 }
 
 /*
diff --git a/crypto/include/internal/bio.h b/crypto/include/internal/bio.h
new file mode 100644
index 0000000..e21b837
--- /dev/null
+++ b/crypto/include/internal/bio.h
@@ -0,0 +1,55 @@
+/* ====================================================================
+ * Copyright (c) 2016 The OpenSSL Project.  All rights reserved.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ *
+ * 1. Redistributions of source code must retain the above copyright
+ *    notice, this list of conditions and the following disclaimer.
+ *
+ * 2. Redistributions in binary form must reproduce the above copyright
+ *    notice, this list of conditions and the following disclaimer in
+ *    the documentation and/or other materials provided with the
+ *    distribution.
+ *
+ * 3. All advertising materials mentioning features or use of this
+ *    software must display the following acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
+ *
+ * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
+ *    endorse or promote products derived from this software without
+ *    prior written permission. For written permission, please contact
+ *    licens...@openssl.org.
+ *
+ * 5. Products derived from this software may not be called "OpenSSL"
+ *    nor may "OpenSSL" appear in their names without prior written
+ *    permission of the OpenSSL Project.
+ *
+ * 6. Redistributions of any form whatsoever must retain the following
+ *    acknowledgment:
+ *    "This product includes software developed by the OpenSSL Project
+ *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
+ * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+ * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
+ * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
+ * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
+ * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
+ * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
+ * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
+ * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
+ * OF THE POSSIBILITY OF SUCH DAMAGE.
+ * ====================================================================
+ *
+ * This product includes cryptographic software written by Eric Young
+ * (e...@cryptsoft.com).  This product includes software written by Tim
+ * Hudson (t...@cryptsoft.com).
+ *
+ */
+
+void bio_cleanup(void);
diff --git a/crypto/include/internal/cryptlib_int.h b/crypto/include/internal/cryptlib_int.h
index ae30842..fd68522 100644
--- a/crypto/include/internal/cryptlib_int.h
+++ b/crypto/include/internal/cryptlib_int.h
@@ -65,6 +65,8 @@ struct thread_local_inits_st {
 };
 
 int ossl_init_thread_start(uint64_t opts);
+void ex_data_cleanup(void);
+
 /*
  * OPENSSL_INIT flags. The primary list of these is in crypto.h. Flags below
  * are those ommitted from crypto.h because they are "reserverd for internal
diff --git a/crypto/include/internal/err.h b/crypto/include/internal/err.h
index aa48019..2992674 100644
--- a/crypto/include/internal/err.h
+++ b/crypto/include/internal/err.h
@@ -56,3 +56,4 @@
  */
 
 void err_load_crypto_strings_intern(void);
+void err_cleanup(void);
diff --git a/crypto/init.c b/crypto/init.c
index 8c59989..2041164 100644
--- a/crypto/init.c
+++ b/crypto/init.c
@@ -66,6 +66,7 @@
 #ifndef OPENSSL_NO_ENGINE
 #include <internal/engine.h>
 #endif
+#include <internal/bio.h>
 #include <openssl/comp.h>
 #include <internal/err.h>
 #include <stdlib.h>
@@ -491,10 +492,12 @@ void OPENSSL_cleanup(void)
 #ifndef OPENSSL_NO_ENGINE
     ENGINE_cleanup();
 #endif
-    CRYPTO_cleanup_all_ex_data();
+    ex_data_cleanup();
     BIO_sock_cleanup();
+    bio_cleanup();
     EVP_cleanup();
     OBJ_cleanup();
+    err_cleanup();
     base_inited = 0;
 }
 
-- 
2.5.0


-- 
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev

Reply via email to