cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: PKCS#12 client certificate memory leak

From: Johannes Bauer <Jb.Imm_at_gmx.de>
Date: Wed, 18 Jan 2012 10:41:18 +0100

On 17.01.2012 17:48, Johannes Bauer wrote:

> when using libcurl 7.21.3-1ubuntu1.3 it can be observed that parsing a
> PKCS#12 client certificate yields a memory leak at each called
> curl_easy_perform instance (and only if the connection succeeds, too):

To followup on this: Apparently it doesn't matter if the connection
succeeds or not, contrary to my previous claim.

I've created a minimal working example that demonstrates the problem and
would be delighted if any of you could try it out and tell me your results.

The code can be found here: http://pastebin.com/bTMBUJb7

The three certificate files (the cert, the key and both in a PKCS#12
file can be found here): http://pastebin.com/2mRNQLH6

The keyblob is a base64-encoded tar.gz file. Decode it by copy/pasting
it into a file and then running:

cat x | openssl base64 -d | tar xvz

Place the program code in the certificate directory. Then compile it:

gcc -lcurl -Wall -g -O2 -o curlproblem curlproblem.c

Then run it with either no argument (use PKCS#12 cert, memory leak) or
with "pem" as argument (use PEM, no memory leak):

valgrind --leak-check=full ./curlproblem
[...]
==9393== LEAK SUMMARY:
==9393== definitely lost: 32 bytes in 1 blocks
==9393== indirectly lost: 32 bytes in 1 blocks
==9393== possibly lost: 0 bytes in 0 blocks
==9393== still reachable: 69,312 bytes in 2,443 blocks
==9393== suppressed: 0 bytes in 0 blocks
==9393== Reachable blocks (those to which a pointer was found) are not
shown.

valgrind --leak-check=full ./curlproblem pem
==9396== LEAK SUMMARY:
==9396== definitely lost: 0 bytes in 0 blocks
==9396== indirectly lost: 0 bytes in 0 blocks
==9396== possibly lost: 0 bytes in 0 blocks
==9396== still reachable: 68,992 bytes in 2,437 blocks
==9396== suppressed: 0 bytes in 0 blocks

Best regards,
Joe

-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-01-18