On Wed, 22 Apr 1998, Tomas Hellberg wrote:
> I'm using SSLeay for WIN32. I also use a program called BoundsChecker
> from NuMega to check that all system resources are freed after use. When
> executing my SSL application, BoundsChecker reports the following memory
> leaks:
>
> Memory leak: 2048 bytes allocated by malloc in crypto\lhash\lhash.c
> (346), HANDLE: 0x025212F0
> Memory leak: 20 bytes allocated by malloc in crypto\mem.c (146), HANDLE:
> 0x02530F90
> Memory leak: 32 bytes allocated by malloc in crypto\mem.c (153), HANDLE:
> 0x02530FD0
> Memory leak: 12 bytes allocated by malloc in crypto\lhash\lhash.c (201),
> HANDLE: 0x02531160
> Memory leak: 92 bytes allocated by malloc in crypto\lhash\lhash.c (129),
> HANDLE: 0x02531540
>
> Am I using SSLeay in the wrong way, or does BoundsChecker lie? I'm
> basically doing the following:
>
> SSL_CTX* pCtx;
>
> SSLeay_add_ssl_algorithms();
^^^^^^^^^^^^^^^^^^^^^^^^^
This function loads a lhash table with the values of various ciphers and
digests. It is not ever deallocated. The static structures are located
in crypto/evp/names.c, around line 64,
static STACK /* ALIASES */ *aliases=NULL;
static STACK /* EVP_CIPHERS */ *ciphers=NULL;
static STACK /* EVP_MD */ *digests=NULL;
EVP_cleanup() should free these. Bounds checker is not showing the though,
rather strange....
> SSL_load_error_strings();
This should also generate lots of memory leak warnings since it too uses
a static array, from crypto/err/err.c:68
static LHASH *error_hash=NULL;
static LHASH *thread_hash=NULL;
This could be the 'leaks'.
ERR_free_strings() frees the memory allocated for the error strings and
If errors have been reported, error state will be allocated on a per thread
basis,
void ERR_remove_state(unsigned long pid); /* if zero we look it up */
will free this memory. (pid of 0 means the current caller).
> pCtx = SSL_CTX_new(SSLv23_server_method());
>
> SSL_CTX_use_certificate_file(pCtx,
> "c:\\projekt\\cert\\proxy-cert.pem", SSL_FILETYPE_PEM);
> SSL_CTX_use_RSAPrivateKey_file(pCtx,
> "c:\\projekt\\cert\\proxy-key.pem", SSL_FILETYPE_PEM);
>
> SSL_CTX_free(pCtx);
Those are the only things I can think off, mostly benine, but if you add
EVP_cleanup();
ERR_free_strings();
ERR_remove_state(0);
they should go away.
eric
+-------------------------------------------------------------------------+
| Administrative requests should be sent to [EMAIL PROTECTED] |
| List service provided by Open Software Associates, http://www.osa.com/ |
+-------------------------------------------------------------------------+
