[openssl-dev] [openssl.org #4466] Memory leak in PKCS12_newpass function

Ramūnas Jurgilas via RT rt at openssl.org
Mon Mar 21 13:02:56 UTC 2016

I did write function which changes PKCS12 passphrase. I noticed that PKCS12_newpass function leaks memory. Memory leak disappears when commenting out line where is PKCS12_newpass func.

Below I posted this code which I am using.
I am using OpneSSL 1.0.2g version.

Could you please give me information what I am doing wrong? Or it is known issue?

Bets regards,

- (NSData*)changePKCS12:(NSData*)p12Data
          newPassphrase:(NSString*)newPassphrase {
    BIO *bp = NULL;
    PKCS12 *p12 = NULL;
    int status = 0;
    do {
        bp = BIO_new_mem_buf((void *)[p12Data bytes], (int)[p12Data length]);

        p12 = d2i_PKCS12_bio(bp, NULL);

// MEMORY LEAK in PKCS12_newpass
        status = PKCS12_newpass(p12, (char *)[oldPassphrase UTF8String], (char *)[newPassphrase UTF8String]);
    } while (false);

    if (p12) {
        p12 = NULL;
    if (bp) {
        bp = NULL;
    return NULL;

Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4466
Please log in as guest with password guest if prompted

More information about the openssl-dev mailing list