[openssl-dev] [openssl.org #4437] invalid free() by ENGINE_cleanup()
Matt Caswell
matt at openssl.org
Thu Mar 17 11:12:17 UTC 2016
On 17/03/16 10:49, Daniel Stenberg via RT wrote:
> Hey,
>
> In curl we call ENGINE_cleanup() as part of our OpenSSL specific cleanup
> function. When I do this with OpenSSL from git master as of right now
> (OpenSSL_1_1_0-pre4-7-ga717738) valgrind catches an illegal free:
Auto deinit automatically calls ENGINE_cleanup() so there is no need to
call it explicitly. The bug here is that ENGINE_cleanup() should really
be a no-op and deprecated in 1.1.0 to prevent double frees occuring.
Matt
More information about the openssl-dev
mailing list