Memory leak in OpenSSL application

Posted on 2005-04-26
Last Modified: 2008-01-09
Hi all,
    I've written an application that uses OpenSSL library. But I've found there are memory leaks of several kilobytes whenever a client connects to my server program. Both uses TLS. The server program never frees up the memory when the client disconnects. I've found out this problem from issuing "top" command in GNU/Linux. Here is a summary of what happens inside the server program from the moment a client connects till it disconnects:

  BIO_do_accept(acc)    (Connection stage)
  client = BIO_pop(acc)
  ssl = SSL_new(ctx)
  SSL_set_bio(ssl, client, client)

  SSL_read/write(ssl ....)  (Processing data)

  SSL_shutdown(ssl)    (Disconnection stage)

    acc is a BIO object, whereas CTX is a SSL_CTX object. Both of the these objects are only freed up using SSL_CTX_free(ctx) and BIO_free(acc) when the server program shutdowns. My server program was written using the guideline from the book "Network Security with OpenSSL". Ironically, the example in the book also have memory leak.
    I use valgrind 2.2 and valgrind 2.4 to debug my server program. Valgrind 2.2 crashes but is able to report that there are several block of leaks that are caused by CRYPTO_malloc call. Valgrind 2.4 completes successfully but complains that there is a big block of memory leak that is caused by pthread_create. The result from valgrind 2.4 is very weird since no data pointer is passed to thread. I also debug the example from the book using valgrind. The result also shows that there are several block of leaks that are caused by CRYPTO_malloc.
    Can anybody tell me what causes the memory leak? Do I miss out any important step? Do I miss out any OpenSSL function that frees up memory?
Question by:ceoconsultancy
    LVL 45

    Accepted Solution

    What version of openSSL are you using? Make sure it is the latest one since there were some memory leaks which were fixed

    Also take a look at this message from the mailing list.

    The message is quite old but indicates that libssl may indeed require you to call some cleanup functions. I have not used openSSL myself, but it might be worth the effort to search their docs for cleanup functions.

    Author Comment

    I tried it OpenSSL 0.9.6c and 0.9.7e. Oh, 0.9.7g is out. I'll check that out. Thanks

    Featured Post

    How to run any project with ease

    Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
    - Combine task lists, docs, spreadsheets, and chat in one
    - View and edit from mobile/offline
    - Cut down on emails

    Join & Write a Comment

    Summary: This tutorial covers some basics of pointer, pointer arithmetic and function pointer. What is a pointer: A pointer is a variable which holds an address. This address might be address of another variable/address of devices/address of fu…
    Windows programmers of the C/C++ variety, how many of you realise that since Window 9x Microsoft has been lying to you about what constitutes Unicode ( They will have you believe that Unicode requires you to use…
    The goal of this video is to provide viewers with basic examples to understand how to use strings and some functions related to them in the C programming language.
    Video by: Grant
    The goal of this video is to provide viewers with basic examples to understand and use nested-loops in the C programming language.

    728 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    19 Experts available now in Live!

    Get 1:1 Help Now