[openssl-dev] [openssl.org #4092] Fwd: Memory Leak in X509_STORE_CTX_init
Srinivas Thota via RT
rt at openssl.org
Tue Oct 13 12:50:39 UTC 2015
Hi,
Valgrind Reported Leak
=====================================
==16773== 56 bytes in 1 blocks are definitely lost in loss record 806 of
1,182
==16773== at 0x4A07F9E: malloc (vg_replace_malloc.c:291)
==16773== by 0x3613672AE7: CRYPTO_malloc (in /lib64/libcrypto.so.1.0.0)
==16773== by 0x361372B5F6: X509_VERIFY_PARAM_new (in
/lib64/libcrypto.so.1.0.0)
==16773== by 0x3613725AAA: X509_STORE_CTX_init (in
/lib64/libcrypto.so.1.0.0)
....
=====================================
Code
========================================
void X509_STORE_CTX_cleanup(X509_STORE_CTX *ctx)
{
if (ctx->cleanup)
ctx->cleanup(ctx);
if (ctx->param != NULL) {
if (ctx->parent == NULL) // ONLY if parent is NULL param is free'd.
X509_VERIFY_PARAM_free(ctx->param);
ctx->param = NULL;
}
...
}
=========================================
Code checks for ctx->parent and only then it is freeing ctx->param.
This has to be corrected to free ctx->param even if ctx->parent is NULL.
Please let me know if this is correct fix.
Thanks,
-------------- next part --------------
_______________________________________________
openssl-bugs-mod mailing list
openssl-bugs-mod at openssl.org
https://mta.openssl.org/mailman/listinfo/openssl-bugs-mod
More information about the openssl-dev
mailing list