[openssl-users] calloc vs kssl_calloc
gjcoram at gmail.com
Fri Sep 30 12:11:45 UTC 2016
On Mon, Sep 26, 2016 at 12:11 PM, Benjamin Kaduk <bkaduk at akamai.com> wrote:
> On 09/26/2016 11:01 AM, Salz, Rich wrote:
> Kssl_calloc calls openssl_malloc which means the data must be free'd with openssl_free. And in debug builds any non-free'd data is a leak and reported. Ton line 875 the data is allocated and never free'd, so it skips the leak detection. In some of those other places, perhaps it's because the KRB API needs something it can free or realloc? I'm not sure.
> It doesn't look like the allocated memory is used as input to a krb5
> routine, so I think it's just a bug.
Is there something more I should do on this issue? I recall the OpenSSL
US export restrictions.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the openssl-users