Re: Custom free routine is invoked with NULL argument in openssl 1.0.1

Fri, 25 May 2012 05:27:33 -0700 

In message <4fbf35d0.3020...@wisemo.com> on Fri, 25 May 2012 09:33:36 +0200, 
Jakob Bohm <jb-open...@wisemo.com> said:

jb-openssl> On 5/25/2012 12:30 AM, Richard Levitte wrote:
jb-openssl> > In
jb-openssl> > 
message<cagxgq09umap5b1bhsyjj54srwrg-syzqnodk5rh_gnt29xa...@mail.gmail.com>
jb-openssl> > on Thu, 24 May 2012 17:46:49 +0530, Sudarshan
jb-openssl> > Raghavan<sudarshan.t.ragha...@gmail.com> said:
jb-openssl> >
jb-openssl> > sudarshan.t.raghavan>  Hi,
jb-openssl> > sudarshan.t.raghavan>
jb-openssl> > sudarshan.t.raghavan> I am using CRYPTO_set_mem_functions to use 
our
jb-openssl> > own custom memory
jb-openssl> > sudarshan.t.raghavan> routines in a non blocking proxy
jb-openssl> > implementation. This was working fine
jb-openssl> > sudarshan.t.raghavan> in 0.9.8 and 1.0.0 but with 1.0.1c I can see
jb-openssl> > that the custom free
jb-openssl> > sudarshan.t.raghavan> routine is being invoked with a NULL 
argument
jb-openssl> > after calling SSL_free
jb-openssl> > sudarshan.t.raghavan>  and this results in the proxy crashing.
jb-openssl> > sudarshan.t.raghavan>
jb-openssl> > sudarshan.t.raghavan> #3 0x0828bd24 in CUSTOM_FREE (oldMem=0x0) at
jb-openssl> > custom_mem.c:340
jb-openssl> > sudarshan.t.raghavan>  #4  0xb75342b4 in CRYPTO_free () from
jb-openssl> > sudarshan.t.raghavan>
jb-openssl> > 
/home/product/code/firmware/current/lib/openssl1.0/lib/libcrypto.so.1.0.0
jb-openssl> > sudarshan.t.raghavan>  #5  0x00000000 in ?? ()
jb-openssl> > sudarshan.t.raghavan>
jb-openssl> > sudarshan.t.raghavan>  This happens every time the SSL 
connections is torn down. If I don't
jb-openssl> > sudarshan.t.raghavan>  use CRYPTO_set_mem_functions it works 
fine. I am assuming the default
jb-openssl> > sudarshan.t.raghavan>  free routine ignores a NULL argument. Is 
it an expectation from the
jb-openssl> > sudarshan.t.raghavan>  custom free routine to also ignore NULL? I 
can provide more
jb-openssl> > sudarshan.t.raghavan>  information if needed. Can someone help me 
debug this problem.
jb-openssl> > sudarshan.t.raghavan>
jb-openssl> > sudarshan.t.raghavan>  Thanks,
jb-openssl> > sudarshan.t.raghavan>  Sudarshan
jb-openssl> >
jb-openssl> > Your assumption is correct, OpenSSL expects the same semantics as
jb-openssl> > malloc(), realloc() and free(), so you free() replacement must be 
able
jb-openssl> > to handle a NULL argument.
jb-openssl> ANSI C and POSIX free() is NOT required to handle free(NULL)
jb-openssl> as a NOP.
jb-openssl> 
jb-openssl> ANSI C++ operator delete() is required to do this, but this
jb-openssl> requirement does not extent to free() invoked from a C++ program.

I stand corrected.

-- 
Richard Levitte                         rich...@levitte.org
                                        http://richard.levitte.org/

"Life is a tremendous celebration - and I'm invited!"
-- from a friend's blog, translated from Swedish
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to