Skip to content

OpenSSL memory leak in error queue #964

New issue
New issue
Closed
Closed
OpenSSL memory leak in error queue#964
Assignees
bagder
Labels
TLSmemory-leak
@nased0

Description

@nased0
nased0
opened on Aug 17, 2016

Hello
I have found memory leaks, increasing with every OpenSSL session.
I use SoftwareVerify Memory Validator and I have made screenshots:
http://images78.fotosik.pl/823/9e7658313231fd01.png
http://images76.fotosik.pl/823/a7587db189782949.png
My application uses OpenSSL certificates and private key in PEM files format.

As you can see on screenshots, leaking memory is allocated by OpenSSL's ERR_get_state() function, called by ERR_clear_error(), called by SSL_CTX_use_certificate_chain_file.
SSL_CTX_use_certificate_chain_file is called by cURL's cert_stuff function, used by ossl_connect_step1.

I wrote to Matt Caswell from openssl.org about this memleah, and he answered:
OpenSSL maintains a separate error queue for each thread. On each queue there can be
multiple errors. ERR_get_state() does not add any errors to the queue it
merely returns the ERR_STATE (i.e. the queue) for the current thread.
If the current thread has no queue then ERR_get_state() will create one.

ERR_clear_error() removes all the errors that are on the current
thread's queue. It does not deallocate the current thread's queue.

ERR_remove_thread_state() deallocates the specified thread's queue.

The mem leaks you are seeing are almost certainly because the queues for
your app's threads have not been deallocated.

I expected the following

Function ERR_remove_thread_state() should be called at the end of every OpenSSL session, because it deallocates memory allocated at the beginning of every OpenSSL Session.
I made a patch, which calls ERR_remove_thread_state() at Curl_ossl_close_all:
openssl_c_patch.txt

It solved the problem for me.

curl/libcurl version

curl 7.50.1 (i686-pc-mingw32) libcurl/7.50.1 OpenSSL/1.0.2h zlib/1.2.8 WinIDN libssh2/1.6.1_DEV
Protocols: dict file ftp ftps gopher http https imap imaps ldap pop3 pop3s rtsp scp sftp smtp smtps telnet tftp
Features: AsynchDNS TrackMemory IDN IPv6 Largefile SSPI Kerberos SPNEGO NTLM SSL libz

curl_memleak1
curl_memleak2

operating system

Windows 7 Professional x64

Metadata

Metadata

Assignees

Labels

TLSmemory-leak

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions