Re: Leak in BN_rand_range?
On Wed, Sep 24, 2014 at 1:04 PM, Mounir IDRASSI wrote: > > The leak comes from the fact that you are passing a NULL "value" > parameter to BN_rand_range. This is unexpected as this is where the > result is supposed to be written. Internally, because of this NULL > pointer, OpenSSL allocate temporary BIGNUM that gets lost (allocated in > the call to BN_bin2bn inside the function bnrand at line 199 of bn_rand.c). > > To avoid this leak, just allocate your "value" variable at the begining > and don't free it inside the loop because its value will be updated by > BN_rand_range. So just add value = BN_new(); at the begining and remove > the if block inside the loop. > Oh, that's interesting. I incorrectly tested for 0 as success (and not 1). And the program did not segfault... Thanks for the help. __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Re: Leak in BN_rand_range?
Hi, The leak comes from the fact that you are passing a NULL "value" parameter to BN_rand_range. This is unexpected as this is where the result is supposed to be written. Internally, because of this NULL pointer, OpenSSL allocate temporary BIGNUM that gets lost (allocated in the call to BN_bin2bn inside the function bnrand at line 199 of bn_rand.c). To avoid this leak, just allocate your "value" variable at the begining and don't free it inside the loop because its value will be updated by BN_rand_range. So just add value = BN_new(); at the begining and remove the if block inside the loop. Cheers, -- Mounir IDRASSI IDRIX http://www.idrix.fr On 9/24/2014 6:27 PM, Jeffrey Walton wrote: > I've got a program that repeatedly calls BN_rand_range. Valgrind is > reporting 2.4 MB of leaks. > > If I comment out the loop that generates the range value, then the > leak summary drops to 0. > > Is there anything else I should be doing below? > > ** > > Error checking was removed from the sample, but nothing fails. > > #include > #include > #include > > #include > > #define ITERATIONS 1000UL > > int main(int argc, char* argv[]) > { > UNUSED(argc), UNUSED(argv); > > int rc = 0, err; > BIGNUM *range = NULL, *value = NULL; > > range = BN_new(); > rc = BN_set_word(range, 3); > > for(size_t i = 0; i < ITERATIONS; i++) > { > if(value) { > BN_free(value), value = NULL; > } > > rc = BN_rand_range(value, range); > } > > if(range) { > BN_free(range), range = NULL; > } > > if(value) { > BN_free(value), value = NULL; > } > > return 0; > } > __ > OpenSSL Project http://www.openssl.org > User Support Mailing Listopenssl-users@openssl.org > Automated List Manager majord...@openssl.org __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org
Leak in BN_rand_range?
I've got a program that repeatedly calls BN_rand_range. Valgrind is reporting 2.4 MB of leaks. If I comment out the loop that generates the range value, then the leak summary drops to 0. Is there anything else I should be doing below? ** Error checking was removed from the sample, but nothing fails. #include #include #include #include #define ITERATIONS 1000UL int main(int argc, char* argv[]) { UNUSED(argc), UNUSED(argv); int rc = 0, err; BIGNUM *range = NULL, *value = NULL; range = BN_new(); rc = BN_set_word(range, 3); for(size_t i = 0; i < ITERATIONS; i++) { if(value) { BN_free(value), value = NULL; } rc = BN_rand_range(value, range); } if(range) { BN_free(range), range = NULL; } if(value) { BN_free(value), value = NULL; } return 0; } __ OpenSSL Project http://www.openssl.org User Support Mailing Listopenssl-users@openssl.org Automated List Manager majord...@openssl.org