[openssl-dev] Memory leak in PKCS12_newpass function

Ramūnas Jurgilas ramunas.jurgilas at gmail.com
Fri Mar 18 11:52:26 UTC 2016

Hello OpenSSL Team,

I did write function which changes PKCS12 passphrase. I noticed that PKCS12_newpass function leaks memory. Memory leak disappears when commenting out line where is PKCS12_newpass func.

Below I posted this code which I am using.
I am using OpneSSL 1.0.2g version.

Could you please give me information what I am doing wrong? Or it is known issue?

Bets regards,

- (NSData*)changePKCS12:(NSData*)p12Data
          newPassphrase:(NSString*)newPassphrase {
    BIO *bp = NULL;
    PKCS12 *p12 = NULL;
    int status = 0;
    do {
        bp = BIO_new_mem_buf((void *)[p12Data bytes], (int)[p12Data length]);

        p12 = d2i_PKCS12_bio(bp, NULL);

// MEMORY LEAK in PKCS12_newpass
        status = PKCS12_newpass(p12, (char *)[oldPassphrase UTF8String], (char *)[newPassphrase UTF8String]);
    } while (false);

    if (p12) {
        p12 = NULL;
    if (bp) {
        bp = NULL;
    return NULL;

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-dev/attachments/20160318/837e1c55/attachment-0001.html>

More information about the openssl-dev mailing list