Re: Preferred way to free ssl_comp_methods?

Wed, 26 Feb 2014 13:49:45 -0800 

This worked well under Linux with GCC. It cleared the Valgrind squawks.

/* Add to end of <openssl dir>/ssl/ssl_ciph.c */
#ifndef OPENSSL_NO_COMP
void free_compressions(void) __attribute__ ((destructor));
void free_compressions(void)
{
    if (ssl_comp_methods != NULL)
        {
        sk_SSL_COMP_free(ssl_comp_methods);
        ssl_comp_methods = NULL;
        }
}
#endif

On Mon, Feb 24, 2014 at 9:40 PM, Jeffrey Walton <noloa...@gmail.com> wrote:
> ssl/ssl_ciphr.c has the following:
>
> static STACK_OF(SSL_COMP) *ssl_comp_methods=NULL;
>
> ssl_comp_methods is allocated with  SSL_library_init, but it does not
> appear to be freed with any of the cleanup functions (ENGINE_cleanup,
> CONF_modules_unload, EVP_cleanup, CRYPTO_cleanup_all_ex_data,
> ERR_remove_state, ERR_free_strings). Its causing a finding under
> valgrind (below).
>
> There's a few bug reports circulating on the finding:
>
> * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=584968
> * http://rt.openssl.org/Ticket/Display.html?id=2561&user=guest&pass=guest
> * http://rt.openssl.org/Ticket/Display.html?id=2439&user=guest&pass=guest
>
> What is the preferred way to free ssl_comp_methods?
>
> Thanks in advance.
>
> ==3614== HEAP SUMMARY:
> ==3614==     in use at exit: 64 bytes in 2 blocks
> ==3614==   total heap usage: 1,787 allocs, 1,785 frees, 156,519 bytes 
> allocated
> ==3614==
> ==3614== 32 bytes in 1 blocks are still reachable in loss record 1 of 2
> ==3614==    at 0x4C28D84: malloc (vg_replace_malloc.c:291)
> ==3614==    by 0x51535AF: CRYPTO_malloc (in
> /usr/local/ssl/lib/libcrypto.so.1.0.0)
> ==3614==    by 0x51F4D2E: sk_new (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
> ==3614==    by 0x4E70519: load_builtin_compressions (in
> /usr/local/ssl/lib/libssl.so.1.0.0)
> ==3614==    by 0x4E72A88: SSL_COMP_get_compression_methods (in
> /usr/local/ssl/lib/libssl.so.1.0.0)
> ==3614==    by 0x4E779A5: SSL_library_init (in
> /usr/local/ssl/lib/libssl.so.1.0.0)
> ==3614==    by 0x40BECF: OpenSSLInit::OpenSSLInit(int) (ac-openssl.cpp:36)
> ==3614==    by 0x410BF7: main
> ==3614==
> ==3614== 32 bytes in 1 blocks are still reachable in loss record 2 of 2
> ==3614==    at 0x4C28D84: malloc (vg_replace_malloc.c:291)
> ==3614==    by 0x51535AF: CRYPTO_malloc (in
> /usr/local/ssl/lib/libcrypto.so.1.0.0)
> ==3614==    by 0x51F4D4C: sk_new (in /usr/local/ssl/lib/libcrypto.so.1.0.0)
> ==3614==    by 0x4E70519: load_builtin_compressions (in
> /usr/local/ssl/lib/libssl.so.1.0.0)
> ==3614==    by 0x4E72A88: SSL_COMP_get_compression_methods (in
> /usr/local/ssl/lib/libssl.so.1.0.0)
> ==3614==    by 0x4E779A5: SSL_library_init (in
> /usr/local/ssl/lib/libssl.so.1.0.0)
> ==3614==    by 0x40BECF: OpenSSLInit::OpenSSLInit(int) (ac-openssl.cpp:36)
> ==3614==    by 0x410BF7: main
> ==3614==
> ==3614== LEAK SUMMARY:
> ==3614==    definitely lost: 0 bytes in 0 blocks
> ==3614==    indirectly lost: 0 bytes in 0 blocks
> ==3614==      possibly lost: 0 bytes in 0 blocks
> ==3614==    still reachable: 64 bytes in 2 blocks
> ==3614==         suppressed: 0 bytes in 0 blocks
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to