[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Memory leak in OpenSSL application

Posted on 2005-04-26
4
Medium Priority
?
3,475 Views
Last Modified: 2008-01-09
Hi all,
    I've written an application that uses OpenSSL library. But I've found there are memory leaks of several kilobytes whenever a client connects to my server program. Both uses TLS. The server program never frees up the memory when the client disconnects. I've found out this problem from issuing "top" command in GNU/Linux. Here is a summary of what happens inside the server program from the moment a client connects till it disconnects:

  BIO_do_accept(acc)    (Connection stage)
  client = BIO_pop(acc)
  ssl = SSL_new(ctx)
  SSL_set_accept_state(ssl)
  SSL_set_bio(ssl, client, client)
  SSL_accept(ssl)

  SSL_read/write(ssl ....)  (Processing data)

  SSL_shutdown(ssl)    (Disconnection stage)
  SSL_free(ssl)
  ERR_free_strings()
  ERR_clear_error()
  ERR_remove_state(0)

    acc is a BIO object, whereas CTX is a SSL_CTX object. Both of the these objects are only freed up using SSL_CTX_free(ctx) and BIO_free(acc) when the server program shutdowns. My server program was written using the guideline from the book "Network Security with OpenSSL". Ironically, the example in the book also have memory leak.
    I use valgrind 2.2 and valgrind 2.4 to debug my server program. Valgrind 2.2 crashes but is able to report that there are several block of leaks that are caused by CRYPTO_malloc call. Valgrind 2.4 completes successfully but complains that there is a big block of memory leak that is caused by pthread_create. The result from valgrind 2.4 is very weird since no data pointer is passed to thread. I also debug the example from the book using valgrind. The result also shows that there are several block of leaks that are caused by CRYPTO_malloc.
    Can anybody tell me what causes the memory leak? Do I miss out any important step? Do I miss out any OpenSSL function that frees up memory?
   
Thanks.
0
Comment
Question by:ceoconsultancy
2 Comments
 
LVL 45

Accepted Solution

by:
sunnycoder earned 2000 total points
ID: 13873454
What version of openSSL are you using? Make sure it is the latest one since there were some memory leaks which were fixed
http://www.openssl.org/news/news.html

Also take a look at this message from the mailing list.
http://mailman.webdav.org/pipermail/neon/2001-May/000491.html

The message is quite old but indicates that libssl may indeed require you to call some cleanup functions. I have not used openSSL myself, but it might be worth the effort to search their docs for cleanup functions.
0
 

Author Comment

by:ceoconsultancy
ID: 13873670
I tried it OpenSSL 0.9.6c and 0.9.7e. Oh, 0.9.7g is out. I'll check that out. Thanks
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This tutorial is posted by Aaron Wojnowski, administrator at SDKExpert.net.  To view more iPhone tutorials, visit www.sdkexpert.net. This is a very simple tutorial on finding the user's current location easily. In this tutorial, you will learn ho…
Summary: This tutorial covers some basics of pointer, pointer arithmetic and function pointer. What is a pointer: A pointer is a variable which holds an address. This address might be address of another variable/address of devices/address of fu…
The goal of this video is to provide viewers with basic examples to understand recursion in the C programming language.
The goal of this video is to provide viewers with basic examples to understand how to use strings and some functions related to them in the C programming language.
Suggested Courses

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question