[openssl-users] Handle Leaks - shmem-win32.c shmem.c - OpenSSL 1.0.1l

Avery A. Tarasov Avery.A.Tarasov at SecurityEngineer.Pro
Sun Jan 25 16:57:07 UTC 2015 

Hi Michel,

In the code I sent over before, I was calling CloseHandle on the thread:

HANDLE h1=CreateThread(0,0,thread1,0,0,&t1);  if(h1==0)  {  return 0;     }*CloseHandle(h1);*  


  I modified the code you sent slightly so the cleanup functions all get 
reached.  Still getting handle leaks (see info at bottom of the email 
thread).  In the code below, I check the program for leaks once the 
MessageBox pops up after all the cleanup functions.  Then there is a 20 
second pause after which the program exits.

The results are the same as before.. why is it that the program doesn't 
leak anymore if the creation of the thread is removed which essentially 
does nothing?  Also why is it that if all the SSL functions are removed 
in the program, but the thread is still created the leaks go away?  
Something weird is going on. It is as if OpenSSL just doesn't like the 
CreateThread function being used (even if the thread doesn't do anything 
related to OpenSSL (tried modifying code in the thread to do nothing -- 
e.g. blank thread). Thanks for the help, all.

     for( int i=0; i<7; i++ ) Sleep(1000);

   CloseHandle( h1 );

     ERR_remove_state(0);
     EVP_cleanup();
     ERR_free_strings();
     CRYPTO_cleanup_all_ex_data();
     sk_SSL_COMP_free( SSL_COMP_get_compression_methods());

     _CrtDumpMemoryLeaks();

*MessageBox*(0,"gothere","gothere",0); *// at this point Handle leaks 
are still being reported... see data below*

     Sleep(20000);




Address / Handle: 0x0000C001
shmem-win32.c
sslleak.exe
Atom
0 bytes
Thread ID: 14524
1/25 11:38:34 827ms (Lifetime:00:00:39:561ms)
Sequence: 11
sslleak.exe  ___shmem_grab : [shmem-win32.c Line 0]
sslleak.exe  _fc_key_init_once : [unwind-sjlj.c Line 0]
sslleak.exe  ___tmainCRTStartup : [crtexe.c Line 0]
kernel32.dll  BaseThreadInitThunk : [{FUNC}BaseThreadInitThunk Line 0]
ntdll.dll  RtlInitializeExceptionChain : 
[{FUNC}RtlInitializeExceptionChain Line 0]
ntdll.dll  RtlInitializeExceptionChain : 
[{FUNC}RtlInitializeExceptionChain Line 0]



Address / Handle: 0x0000C004
shmem.c
sslleak.exe
Atom
0 bytes
Thread ID: 14524
1/25 11:38:34 827ms (Lifetime:00:00:39:561ms)
Sequence: 27
sslleak.exe  ___shmem_winpthreads_grab : [shmem.c Line 0]
sslleak.exe  _mutex_ref_init : [mutex.c Line 0]
sslleak.exe  _enterOnceObject : [thread.c Line 0]
sslleak.exe  ___tmainCRTStartup : [crtexe.c Line 0]
kernel32.dll  BaseThreadInitThunk : [{FUNC}BaseThreadInitThunk Line 0]
ntdll.dll  RtlInitializeExceptionChain : 
[{FUNC}RtlInitializeExceptionChain Line 0]

Address / Handle: 0x0000C00F
shmem-win32.c
sslleak.exe
Atom
0 bytes
Thread ID: 14524
1/25 11:38:34 827ms (Lifetime:00:00:39:561ms)
Sequence: 97
sslleak.exe  ___shmem_grab : [shmem-win32.c Line 0]
sslleak.exe  ___shmem_grab : [shmem-win32.c Line 0]

Address / Handle: 0x0000C009
shmem.c
sslleak.exe
Atom
0 bytes
Thread ID: 14524
1/25 11:38:34 827ms (Lifetime:00:00:39:561ms)
Sequence: 61
sslleak.exe  ___shmem_winpthreads_grab : [shmem.c Line 0]
sslleak.exe  _mutex_static_init : [mutex.c Line 0]
sslleak.exe  _pop_pthread_mem : [thread.c Line 0]
sslleak.exe  _pop_pthread_mem : [thread.c Line 0]



Address / Handle: 0x0000C012
shmem.c
sslleak.exe
Atom
0 bytes
Thread ID: 14524
1/25 11:38:34 842ms (Lifetime:00:00:39:546ms)
Sequence: 112
sslleak.exe  ___shmem_winpthreads_grab : [shmem.c Line 0]
sslleak.exe  _rwlock_static_init : [rwlock.c Line 0]
sslleak.exe  _rwlock_static_init : [rwlock.c Line 0]








On 1/25/2015 6:05 AM, Michel SALES wrote:
> Hi Avery,
>
> I am afraid your program demonstrates very little.
>
> If you load OpenSSL library, you have to call some of the OpenSSL free
> functions as indicated in a previous post,
> and if you create a thread, you have to call CloseHandle() :
>
> #include <windows.h>
> #include <crtdbg.h>
>
> #include <openssl/ssl.h>
> #include <openssl/err.h>
>
> DWORD __stdcall thread1( LPVOID l )
> {
>      for( int i=0; i<7; i++ )
>          Sleep(1000);
>      ERR_remove_state(0);
>      return 0;
> }
>
> int main( int argc, char* argv[] )
> {
> //  _crtBreakAlloc = ...;
>
>      SSL_library_init();
>      SSL_load_error_strings();
>
>      DWORD  t1;
>      HANDLE h1 = CreateThread( 0, 0, thread1, 0, 0, &t1 );
>
>      for( int i=0; i<7; i++ ) Sleep(1000);
>
>      if( h1 ) {
>          WaitForSingleObject( thread1, INFINITE );
>          CloseHandle( h1 );
>      }
>      
>      ERR_remove_state(0);
>      EVP_cleanup();
>      ERR_free_strings();
>      CRYPTO_cleanup_all_ex_data();
>      sk_SSL_COMP_free( SSL_COMP_get_compression_methods());
>
>      _CrtDumpMemoryLeaks();
>
>      return 0;
> }
>
> Hope it helps,
>
> Michel
>
>
> De : openssl-users [mailto:openssl-users-bounces at openssl.org] De la part de
> Avery A. Tarasov
> Envoyé : samedi 24 janvier 2015 22:34
> À : openssl-users at openssl.org
> Objet : Re: [openssl-users] Handle Leaks - shmem-win32.c shmem.c - OpenSSL
> 1.0.1l
>
> Hi Michel,
>
> It doesn't appear to be related to that.  I added CloseHandle's and got the
> same result.
>
> Here are my updated findings... The following simple program still causes
> the same Handle Leaks...
>
> Important findings:
>
> 1)  If    SSL_library_init() and SSL_load_error_strings() are removed (which
> are the only 2 OpenSSL functions I'm using).... the handle leaks go away..
> 2)  If    SSL_library_init() and SSL_load_error_strings() are kept but the
> creation of the thread is removed  -- no more handle leaks..
>
> So the problem is something related to the combination of loading OpenSSL
> and creating a thread (even though that thread does nothing whatsoever
> related to OpenSSL).  Very odd.
>
> DWORD __stdcall thread1(LPVOID l)
> {
>      while(1)
>      {   Sleep(1000);    }
> }
> int WINAPI WinMain(HINSTANCE hInstance, HINSTANCE hPrevInstance, LPSTR
> lpCmdLine, int nCmdShow) {
>
>
>       SSL_library_init();   // if these 2 lines removed
>      SSL_load_error_strings();  // no more handle leaks
>      DWORD t1;
>      
>      HANDLE h1=CreateThread(0,0,thread1,0,0,&t1);  if(h1==0)  {  return
> 0;     }      CloseHandle(h1);  //if  SSL_library_init(); and
> SSL_load_error_strings();  are kept  but this line is removed... no more
> handle leaks
>
>
>      while(1)
>      {
>          Sleep(1000);
>      }
> }
>
>
>
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150125/6e47bac2/attachment.html>

More information about the openssl-users mailing list