cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: PKCS#12 client certificate memory leak

From: Johannes Bauer <Jb.Imm_at_gmx.de>
Date: Wed, 18 Jan 2012 11:56:31 +0100

On 18.01.2012 11:35, Daniel Stenberg wrote:
> On Wed, 18 Jan 2012, Johannes Bauer wrote:
>
>> Just checked the code against vanilla libcurl 7.23.1 where I can
>> confirm the results. Architecture is x86_64.
>
> Do you build with symbols still around so that you can provide a better
> valgrind backtrace?

Yup, I traced the problem and here's the patch that fixes the problem
for me:

diff -r -c3 curl-7.23.1-orig/lib/ssluse.c curl-7.23.1/lib/ssluse.c
*** curl-7.23.1-orig/lib/ssluse.c 2011-11-06 16:58:24.000000000 +0100
--- curl-7.23.1/lib/ssluse.c 2012-01-18 11:55:06.000000000 +0100
***************
*** 497,502 ****
--- 497,505 ----
          }
        }

+ if(ca) {
+ sk_X509_pop_free(ca, X509_free);
+ }
        EVP_PKEY_free(pri);
        X509_free(x509);
        cert_done = 1;

Here's the valgrind stacktrace when the patch is not applied:

==17655== 64 (32 direct, 32 indirect) bytes in 1 blocks are definitely
lost in loss record 428 of 492
==17655== at 0x4C28FAC: malloc (vg_replace_malloc.c:236)
==17655== by 0x5D94CA1: CRYPTO_malloc (in /lib/libcrypto.so.0.9.8)
==17655== by 0x5DF168E: sk_new (in /lib/libcrypto.so.0.9.8)
==17655== by 0x5E3F63C: PKCS12_parse (in /lib/libcrypto.so.0.9.8)
==17655== by 0x4E649BC: cert_stuff (ssluse.c:449)
==17655== by 0x4E66920: ossl_connect_step1 (ssluse.c:1553)
==17655== by 0x4E69540: ossl_connect_common (ssluse.c:2451)
==17655== by 0x4E697EC: Curl_ossl_connect (ssluse.c:2550)
==17655== by 0x4E8674D: Curl_ssl_connect (sslgen.c:197)
==17655== by 0x4E494A4: Curl_http_connect (http.c:1343)
==17655== by 0x4E5F5E9: Curl_protocol_connect (url.c:3359)
==17655== by 0x4E62F0D: Curl_setup_conn (url.c:5134)

The patch works for me. Could you take a look if it's correct and maybe
include it?

Best regards,
Joe
-------------------------------------------------------------------
List admin: http://cool.haxx.se/list/listinfo/curl-library
Etiquette: http://curl.haxx.se/mail/etiquette.html
Received on 2012-01-18