Re: Leak in BN_rand_range?
On Wed, Sep 24, 2014 at 1:04 PM, Mounir IDRASSI wrote: > > The leak comes from the fact that you are passing a NULL "value" > parameter to BN_rand_range. This is unexpected as this is where the > result is supposed to be written. Internally, because of this NULL > pointer, OpenSSL allocate temporary BIGNUM that gets lost (allocated in > the call to BN_bin2bn inside the function bnrand at line 199 of bn_rand.c). > > To avoid this leak, just allocate your "value" variable at the begining > and don't free it inside the loop because its value will be updated by > BN_rand_range. So just add value = BN_new(); at the begining and remove > the if block inside the loop. > Oh, that's interesting. I incorrectly tested for 0 as success (and not 1). And the program did not segfault... Thanks for the help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Leak in BN_rand_range?
Hi,
The leak comes from the fact that you are passing a NULL "value"
parameter to BN_rand_range. This is unexpected as this is where the
result is supposed to be written. Internally, because of this NULL
pointer, OpenSSL allocate temporary BIGNUM that gets lost (allocated in
the call to BN_bin2bn inside the function bnrand at line 199 of bn_rand.c).
To avoid this leak, just allocate your "value" variable at the begining
and don't free it inside the loop because its value will be updated by
BN_rand_range. So just add value = BN_new(); at the begining and remove
the if block inside the loop.
Cheers,
--
Mounir IDRASSI
IDRIX
http://www.idrix.fr
On 9/24/2014 6:27 PM, Jeffrey Walton wrote:
> I've got a program that repeatedly calls BN_rand_range. Valgrind is
> reporting 2.4 MB of leaks.
>
> If I comment out the loop that generates the range value, then the
> leak summary drops to 0.
>
> Is there anything else I should be doing below?
>
> **
>
> Error checking was removed from the sample, but nothing fails.
>
> #include
> #include
> #include
>
> #include
>
> #define ITERATIONS 1000UL
>
> int main(int argc, char* argv[])
> {
> UNUSED(argc), UNUSED(argv);
>
> int rc = 0, err;
> BIGNUM *range = NULL, *value = NULL;
>
> range = BN_new();
> rc = BN_set_word(range, 3);
>
> for(size_t i = 0; i < ITERATIONS; i++)
> {
> if(value) {
> BN_free(value), value = NULL;
> }
>
> rc = BN_rand_range(value, range);
> }
>
> if(range) {
> BN_free(range), range = NULL;
> }
>
> if(value) {
> BN_free(value), value = NULL;
> }
>
> return 0;
> }
> __
> OpenSSL Project http://www.openssl.org
> User Support Mailing Listopenssl-users@openssl.org
> Automated List Manager majord...@openssl.org
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
Leak in BN_rand_range?
I've got a program that repeatedly calls BN_rand_range. Valgrind is
reporting 2.4 MB of leaks.
If I comment out the loop that generates the range value, then the
leak summary drops to 0.
Is there anything else I should be doing below?
**
Error checking was removed from the sample, but nothing fails.
#include
#include
#include
#include
#define ITERATIONS 1000UL
int main(int argc, char* argv[])
{
UNUSED(argc), UNUSED(argv);
int rc = 0, err;
BIGNUM *range = NULL, *value = NULL;
range = BN_new();
rc = BN_set_word(range, 3);
for(size_t i = 0; i < ITERATIONS; i++)
{
if(value) {
BN_free(value), value = NULL;
}
rc = BN_rand_range(value, range);
}
if(range) {
BN_free(range), range = NULL;
}
if(value) {
BN_free(value), value = NULL;
}
return 0;
}
__
OpenSSL Project http://www.openssl.org
User Support Mailing Listopenssl-users@openssl.org
Automated List Manager majord...@openssl.org
