[openssl-users] calloc vs kssl_calloc
Geoffrey Coram
gjcoram at gmail.com
Mon Sep 26 16:32:58 UTC 2016
On 09/26/2016 12:11, Benjamin Kaduk <bkaduk at akamai.com> wrote:
>
> On 09/26/2016 11:01 AM, Salz, Rich wrote:
> > Kssl_calloc calls openssl_malloc which means the data must be
> free'd with openssl_free. And in debug builds any non-free'd data is
> a leak and reported. Ton line 875 the data is allocated and never
> free'd, so it skips the leak detection. In some of those other
> places, perhaps it's because the KRB API needs something it can free
> or realloc? I'm not sure.
> >
>
> It doesn't look like the allocated memory is used as input to a krb5
> routine, so I think it's just a bug.
>
> -Ben
As it turns out, that wasn't the code that was giving me trouble in my
application.
Instead, it's the code in crypto\LPdir_win.c, which is included via
crypto\LPdir_wince.c, which is included in crypto\o_dir.c
I found a portability tip on the web that says not to use malloc or
calloc in Windows CE applications. (Actually, Google found me a
result in the book "Making Win32 Applications Mobile" by Nancy
Nicolaisen.)
I've cc'ed Richard Levitte, who is credited for LPdir_win.c, perhaps
he can comment on whether LocalAlloc would be an appropriate
replacement.
Thanks.
More information about the openssl-users
mailing list