[Openssl 1.1.1n] application core dump while calling sk_X509_pop_free(s->verified_chain, X509_free);

Michael Wojcik Michael.Wojcik at microfocus.com
Fri Mar 3 14:39:51 UTC 2023

> From: openssl-users <openssl-users-bounces at openssl.org> On Behalf Of
> Viktor Dukhovni
> Sent: Thursday, 2 March, 2023 22:49
> On Fri, Mar 03, 2023 at 02:21:43AM +0000, Ma Zhenhua wrote:
> > My application core dumps twice in the same procedure while pop and
> > free s->verified_chain. I don't find possible cause until now. Any
> > constructive advice is highly appreciated.
> You've corrupted the heap prior to that call, or, ignoring the documentation, or
> previously freed the verified chain, which is owned by SSL handle, and must
> not be freed by the application.
> See SSL_get0_verified_chain(3).  OpenSSL's handling of this object is correct.
> You'll have to figure out where you went wrong.

Using a heap-activity analyzer such as valgrind would be a good idea.

Michael Wojcik

More information about the openssl-users mailing list