[openssl-users] Potential memory leak in RSA_private_decrypt

Matt Caswell matt at openssl.org
Tue Nov 7 10:36:13 UTC 2017



On 07/11/17 10:01, Wang wrote:
> Hello Rich,
> 
> Thank you for trying to help. 
> 
> My product is running on Linux. The following leak was detected by Valgrind.
> Valgrind only reportes
> the leak in threaded mode. I run 'top' on linux to monitor the memory usage
> of my product. I can see the memory usage increases quickly.
> 
> ==9721== 520 bytes in 1 blocks are indirectly lost in loss record 1,178 of 
> 1,294 
> ==9721==    at 0x4A0817C: malloc (vg_replace_malloc.c:298) 
> ==9721==    by 0x5B29CD0: comn_malloc (comalloc.c:28) 
> ==9721==    by 0x58E7DD2: comn__csi_malloc (netenc2.c:52) 
> ==9721==    by 0xBBC37EA: local_malloc (csi_provider_common.c:624) 
> ==9721==    by 0xBC1747F: default_malloc_ex (mem.c:79) 
> ==9721==    by 0xBC17BA6: CRYPTO_malloc (mem.c:350) 
> ==9721==    by 0xBC2648F: bn_expand_internal (bn_lib.c:303) 
> ==9721==    by 0xBC266AA: bn_expand2 (bn_lib.c:431) 
> ==9721==    by 0xBC26FF6: BN_set_bit (bn_lib.c:736) 
> ==9721==    by 0xBCE0880: BN_MONT_CTX_set (bn_mont.c:494) 
> ==9721==    by 0xBCE0A2F: BN_MONT_CTX_set_locked (bn_mont.c:544) 
> ==9721==    by 0xBCED0C0: RSA_eay_mod_exp (rsa_eay.c:763) 
> ==9721==    by 0xBCEC747: RSA_eay_private_decrypt (rsa_eay.c:554) 
> ==9721==    by 0xBC3B7DE: RSA_private_decrypt (rsa_crpt.c:111) 

Is this the "bottom" of the OpenSSL stack? i.e. your application calls
RSA_private_decrypt() directly? Do you share a single RSA object across
multiple threads?

Matt



More information about the openssl-users mailing list