[openssl-dev] TR: [openssl.org #4172] SRP VBASE stuff still leaking memory
Michel via RT
rt at openssl.org
Thu Dec 10 22:37:07 UTC 2015
Hello Kurt,
I was not able to 'configure' the master branch for debug-VC-WIN32.
I got the error message 'pick os/compiler from: ...
However I succeeded with VC-WIN32.
I guess this is something related to the new configure perl script and debug/non-debug options, but I am lost with perl.
Could you please help for this ?
Michel.
-----Message d'origine-----
De : openssl-dev [mailto:openssl-dev-bounces at openssl.org] De la part de Michel via RT
Envoyé : jeudi 10 décembre 2015 17:00
Cc : openssl-dev at openssl.org
Objet : Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory
Hi Kurt,
At first glance, it's a fact that your patch is better.
:-)
I should have thought to some of your improvement, like SRP_gN_new().
I will test it tonight and come back to you.
Many for thanks for your interrest in this matter,
Michel.
-----Message d'origine-----
De : Kurt Roeckx via RT [mailto:rt at openssl.org] Envoy : jeudi 10 d cembre 2015 15:38 : michel.sales at free.fr Cc : openssl-dev at openssl.org Objet : Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory
On Thu, Dec 10, 2015 at 03:19:54PM +0100, Kurt Roeckx wrote:
> On Thu, Dec 10, 2015 at 01:27:38PM +0100, Kurt Roeckx wrote:
> > On Thu, Dec 10, 2015 at 01:16:48PM +0100, Kurt Roeckx wrote:
> > > On Mon, Dec 07, 2015 at 03:47:56PM +0000, Michel via RT wrote:
> > > > Hi,
> > > >
> > > > Following my previous mail, here attached is an updated patch
> > > > against 1.02e to fix the SRP VBASE memory leaks.
> > >
> > > Can you confirm that this would be the correct patch for master?
> >
> > The following patch should at least compile.
>
> I fixed a few more things, cleaned up some things. New patch
> attached.
I think there is something wrong with new SRP_gN_free(). You now also free g and N, and it's not clear to me who the owner of those is. I think the cache is, in which case we should not free them.
I think the cache also isn't cleared, we should probably call
SRP_VBASE_free() when SRP_VBASE_init() fails.
Kurt
_______________________________________________
openssl-dev mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
More information about the openssl-dev
mailing list