[openssl-dev] [openssl.org #4704] Memory leak in rsa_new/rsa_free

Simone Sgualdini via RT rt at openssl.org
Tue Oct 11 16:15:24 UTC 2016 

Hi,


I'm writing a c++ server application that calls thounsands of times per 
hour the rsa_new()
and rsa_free() openssl functions.

After debugging a lot I discovered that "sometimes" (I'm not able to 
tell a precise number) the rsa_free
does not release properly the memory allocated by the rsa_new.
In order to prove this I created the simple program below. If i run it, 
i see the related working set
going bigger and bigger, 4KB per second.

I'm using the 1.0.2.8 version of libeay32.dll and ssleay32.ddl under 
windows 7 64 bit.

It this a known bug? I'm forgetting something?

Thanks in advance

Simone Sgualdini
Italy


//---------------------------------------------------------------------------

#include <vcl.h>


#ifdef _cplusplus
extern "C"
   {
#endif
     #include <openssl/rand.h>
     #include <openssl/ssl.h>
     #include <openssl/err.h>
       #include <openssl/rsa.h>
       #include <openssl/bn.h>
#ifdef _cplusplus
   }
#endif
#pragma hdrstop

HMODULE libeay32DLL = NULL;
HMODULE ssleay32DLL = NULL;

typedef RSA      *    (CALLBACK *myRSA_new) (void);
typedef void          (CALLBACK *myRSA_free) (RSA *r);
typedef int           (CALLBACK *mySSL_library_init) (void);

    myRSA_new                _RSA_new                = NULL;
    myRSA_free               _RSA_free               = NULL;
    mySSL_library_init       _SSL_library_init;

//---------------------------------------------------------------------------

#pragma argsused

int main(int argc, char* argv[])
{
   RSA           *rsa;
   unsigned long count = 0;

   libeay32DLL = LoadLibrary("libeay32.dll");
   ssleay32DLL = LoadLibrary("ssleay32.dll");

   if(libeay32DLL && ssleay32DLL)
     {
       _RSA_new                = (myRSA_new) 
GetProcAddress(libeay32DLL,"RSA_new");
       _RSA_free               = (myRSA_free) 
GetProcAddress(libeay32DLL,"RSA_free");
       _SSL_library_init       = (mySSL_library_init) 
GetProcAddress(ssleay32DLL,"SSL_library_init");
     }

   _SSL_library_init();

   while(1)
      {

       if(++count %100 == 0)  // whitout this, I get a stack overflow 
immediately
          Sleep(1);

*_RSA_free(_RSA_new());*
     }

   return 0;
}


-- 
Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4704
Please log in as guest with password guest if prompted

More information about the openssl-dev mailing list