On Wed, 8 Apr 2009, Toshio Kuratomi wrote:

> nss-3.12.2.0-5.fc10.i386
> libcurl-7.19.4-3.fc10.i386

Ok. In my end I run libcurl CVS HEAD (no NSS-related changes since 7.19.4) and
NSS 3.12.2.0 from Debian Unstable (3.12.2.with.ckbi.1.73-1) and as far as I
know that doesn't have the cert-from-file patches etc that Fedora uses.

Anyway, I reduced the number of loops in your sample to the scientific amount
13 and then valgrind says this:

==31868== 48 bytes in 2 blocks are possibly lost in loss record 3 of 6
==31868== at 0x402601E: malloc (vg_replace_malloc.c:207)
==31868== by 0x4254A87: PR_Malloc (in /usr/lib/libnspr4.so.0d)
==31868== by 0x424BD8B: (within /usr/lib/libnspr4.so.0d)
==31868== by 0x42659E3: (within /usr/lib/libnspr4.so.0d)
==31868== by 0x4266E22: PR_Socket (in /usr/lib/libnspr4.so.0d)
==31868== by 0x4266FAD: PR_NewTCPSocket (in /usr/lib/libnspr4.so.0d)
==31868== by 0x80563EF: Curl_nss_connect (nss.c:1033)
==31868== by 0x8053D28: Curl_ssl_connect (sslgen.c:185)
==31868== by 0x805DB45: Curl_http_connect (http.c:1793)
==31868== by 0x8066056: Curl_protocol_connect (url.c:2992)
==31868== by 0x8068A6B: setup_conn (url.c:4624)
==31868== by 0x8068BDE: Curl_connect (url.c:4700)
==31868==
==31868== LEAK SUMMARY:
==31868== definitely lost: 0 bytes in 0 blocks.
==31868== possibly lost: 48 bytes in 2 blocks.
==31868== still reachable: 12,398 bytes in 89 blocks.
==31868== suppressed: 0 bytes in 0 blocks.

I checked the code in libcurl right now and I cannot see how this is a flaw in
the libcurl code, but I'm not guaranteeing anything...

-- 
  / daniel.haxx.se