Discussion:
PKCS12 memory leak?
Shaheed Bacchus
2002-08-24 00:56:21 UTC
Permalink
hi all,

i have a routine that reads a private key and cert from a bio
containing a PKCS12 file, the relevant part of the code is:

PK12 = d2i_PKCS12_bio(DataBio, NULL);
PKCS12_parse(PK12, Phrase, &Pkey, &Cert, &Ca);
PKCS12_free(PK12);

at the end of the routine i free all of the structures used
and i also do
EVP_cleanup();

the memory leak tool on my system (proprietary
embedded system) reports that memory is being
leaked by routines that are called by PKCS12_parse()
some of the routines that it thinks are leaking include
ASN1_STRING_set, ASN1_STRING_type_new,
X509_CERT_AUX_new, etc (these are only a
few, there are several more all called directly or indirectly
by PKCS12_parse)

so my question is, is there some kind of cleanup routine
that i'm supposed to be running that will cleanup
the mess left behind? thanks.

______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Shaheed Bacchus
2002-08-27 19:32:01 UTC
Permalink
in order to try and prove that the memory leak i am seeing
in PKCS12_parse() is not specific to my embedded system,
i compiled the following using OpenSSL 0.9.6 on solaris
5.7:

void parsetest(BIO *databio)
{
EVP_PKEY *Pkey=NULL;
X509 *Cert=NULL;
STACK_OF(X509) *Ca=NULL;
PKCS12 *PK12=NULL;

PK12 = d2i_PKCS12_bio(databio, NULL);
PKCS12_parse(PK12, NULL, &Pkey, &Cert, &Ca);
PKCS12_free(PK12);
if (Pkey)
EVP_PKEY_free(Pkey);
if (Cert)
X509_free(Cert);
if (Ca)
sk_X509_free(Ca);
ERR_clear_error();
ERR_remove_state(0);
ERR_free_strings();

}

this routine was then called like this:

CRYPTO_malloc_debug_init();
CRYPTO_dbg_set_options(V_CRYPTO_MDEBUG_ALL);
CRYPTO_mem_ctrl(CRYPTO_MEM_CHECK_ON);
parsetest(databio);
CRYPTO_mem_leaks_fp(stderr);

where databio contains a valid PKCS12 file, the output was this:

[15:14:08] 340 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DF720
[15:14:08] 463 file=buffer.c, line=110, thread=19678, number=132,
address=000
DAF98
[15:14:08] 334 file=x_name.c, line=219, thread=19678, number=16,
address=000D
F630
[15:14:08] 333 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DF600
[15:14:08] 332 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DF5D0
[15:14:08] 323 file=x_x509.c, line=117, thread=19678, number=84,
address=000D
E5D0
[15:14:08] 477 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E23F0
[15:14:08] 476 file=x_name.c, line=233, thread=19678, number=16,
address=000E
23C0
[15:14:08] 327 file=x_name.c, line=219, thread=19678, number=16,
address=000D
F510
[15:14:08] 475 file=a_bytes.c, line=114, thread=19678, number=15,
address=000
E2390
[15:14:08] 419 file=buffer.c, line=110, thread=19678, number=268,
address=000
DEC38
[15:14:08] 472 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E2330
[15:14:08] 471 file=x_name.c, line=233, thread=19678, number=16,
address=000E
2300
[15:14:08] 409 file=x_exten.c, line=123, thread=19678, number=20,
address=000
D3F08
[15:14:08] 401 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3EA8
[15:14:08] 378 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DEA88
[15:14:08] 394 file=x_exten.c, line=123, thread=19678, number=20,
address=000
D3E48
[15:14:08] 377 file=x_name.c, line=233, thread=19678, number=16,
address=000D
EA58
[15:14:08] 384 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3DE8
[15:14:08] 482 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E1878
[15:14:08] 374 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3D88
[15:14:08] 468 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E1818
[15:14:08] 356 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3D28
[15:14:08] 450 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E17B8
[15:14:08] 403 file=a_bytes.c, line=222, thread=19678, number=65,
address=000
D8A58
[15:14:08] 449 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E2000
[15:14:08] 345 file=a_int.c, line=232, thread=19678, number=18,
address=000D3
CC8
[15:14:08] 448 file=x_name.c, line=233, thread=19678, number=16,
address=000E
1FD0
[15:14:08] 436 file=stack.c, line=122, thread=19678, number=20,
address=000E1
758
[15:14:08] 381 file=a_bytes.c, line=114, thread=19678, number=62,
address=000
D89C8
[15:14:08] 414 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E16F8
[15:14:08] 441 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E1EE0
[15:14:08] 358 file=a_bytes.c, line=114, thread=19678, number=15,
address=000
DE7A0
[15:14:08] 485 file=a_bitstr.c, line=190, thread=19678, number=140,
address=0
00DB0F0
[15:14:08] 355 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DE740
[15:14:08] 491 file=buffer.c, line=110, thread=19678, number=268,
address=000
E3578
[15:14:08] 354 file=x_name.c, line=233, thread=19678, number=16,
address=000D
E710
[15:14:08] 350 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DE698
[15:14:08] 462 file=a_bytes.c, line=114, thread=19678, number=47,
address=000
D8860
[15:14:08] 481 file=buffer.c, line=110, thread=19678, number=132,
address=000
DB060
[15:14:08] 349 file=x_name.c, line=233, thread=19678, number=16,
address=000D
E668
[15:14:08] 364 file=buffer.c, line=110, thread=19678, number=132,
address=000
D87D0
[15:14:08] 324 file=x_cinf.c, line=171, thread=19678, number=40,
address=000D
29C8
[15:14:08] 393 file=stack.c, line=124, thread=19678, number=32,
address=000E0
BC8
[15:14:08] 488 file=a_type.c, line=277, thread=19678, number=8,
address=000D8
5A8
[15:14:08] 474 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8578
[15:14:08] 461 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8548
[15:14:08] 451 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8518
[15:14:08] 440 file=x_algor.c, line=102, thread=19678, number=8,
address=000D
84E8
[15:14:08] 416 file=a_type.c, line=277, thread=19678, number=8,
address=000D8
4B8
[15:14:08] 407 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8488
[15:14:08] 390 file=a_type.c, line=277, thread=19678, number=8,
address=000D8
458
[15:14:08] 375 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8428
[15:14:08] 404 file=x_exten.c, line=123, thread=19678, number=20,
address=000
D3EC8
[15:14:08] 357 file=a_object.c, line=242, thread=19678, number=3,
address=000
D83F8
[15:14:08] 348 file=a_type.c, line=277, thread=19678, number=8,
address=000D8
3C8
[15:14:08] 396 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3E68
[15:14:08] 339 file=x_algor.c, line=102, thread=19678, number=8,
address=000D
8398
[15:14:08] 388 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3E08
[15:14:08] 486 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E1898
[15:14:08] 376 file=a_bytes.c, line=114, thread=19678, number=23,
address=000
D3DA8
[15:14:08] 473 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E1838
[15:14:08] 361 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3D48
[15:14:08] 417 file=a_bitstr.c, line=190, thread=19678, number=128,
address=0
00D8AA8
[15:14:08] 455 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E17D8
[15:14:08] 346 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3CE8
[15:14:08] 391 file=a_bitstr.c, line=190, thread=19678, number=140,
address=0
00DB2C0
[15:14:08] 444 file=a_int.c, line=232, thread=19678, number=18,
address=000E1
778
[15:14:08] 328 file=stack.c, line=122, thread=19678, number=20,
address=000D3
C88
[15:14:08] 421 file=x_x509a.c, line=97, thread=19678, number=20,
address=000E
1718
[15:14:08] 387 file=buffer.c, line=110, thread=19678, number=280,
address=000
DB1A0
[15:14:08] 439 file=x_pubkey.c, line=101, thread=19678, number=12,
address=00
0E1688
[15:14:08] 438 file=buffer.c, line=67, thread=19678, number=12,
address=000E1
658
[15:14:08] 495 file=asn1_lib.c, line=341, thread=19678, number=56,
address=00
0E36D0
[15:14:08] 437 file=stack.c, line=124, thread=19678, number=16,
address=000E1
628
[15:14:08] 435 file=x_name.c, line=219, thread=19678, number=16,
address=000E
15E0
[15:14:08] 434 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E15B0
[15:14:08] 431 file=buffer.c, line=67, thread=19678, number=12,
address=000E1
538
[15:14:08] 433 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E1580
[15:14:08] 430 file=stack.c, line=124, thread=19678, number=16,
address=000E1
508
[15:14:08] 489 file=a_bitstr.c, line=190, thread=19678, number=128,
address=0
00E34F0
[15:14:08] 426 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E1478
[15:14:08] 428 file=x_name.c, line=219, thread=19678, number=16,
address=000E
14C0
[15:14:08] 422 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E1418
[15:14:08] 423 file=asn1_lib.c, line=341, thread=19678, number=81,
address=00
0DEDB0
[15:14:08] 424 file=x_x509.c, line=117, thread=19678, number=84,
address=000D
ED50
[15:14:08] 415 file=a_object.c, line=242, thread=19678, number=9,
address=000
E1370
[15:14:08] 484 file=a_type.c, line=277, thread=19678, number=8,
address=000D8
598
[15:14:08] 410 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E12F8
[15:14:08] 470 file=a_bytes.c, line=114, thread=19678, number=3,
address=000D
8568
[15:14:08] 456 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8538
[15:14:08] 447 file=a_type.c, line=277, thread=19678, number=8,
address=000D8
508
[15:14:08] 408 file=a_bytes.c, line=222, thread=19678, number=9,
address=000E
12B0
[15:14:08] 432 file=x_val.c, line=95, thread=19678, number=8,
address=000D84D
8
[15:14:08] 413 file=a_bytes.c, line=222, thread=19678, number=5,
address=000D
84A8
[15:14:08] 405 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E1250
[15:14:08] 402 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8478
[15:14:08] 406 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3EE8
[15:14:08] 385 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8448
[15:14:08] 370 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8418
[15:14:08] 399 file=x_exten.c, line=123, thread=19678, number=20,
address=000
D3E88
[15:14:08] 400 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E11C0
[15:14:08] 353 file=a_bytes.c, line=114, thread=19678, number=3,
address=000D
83E8
[15:14:08] 395 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E1118
[15:14:08] 344 file=a_int.c, line=232, thread=19678, number=2,
address=000D83
B8
[15:14:08] 392 file=stack.c, line=122, thread=19678, number=20,
address=000D3
E28
[15:14:08] 397 file=a_object.c, line=242, thread=19678, number=9,
address=000
E1160
[15:14:08] 326 file=x_algor.c, line=102, thread=19678, number=8,
address=000D
8388
[15:14:08] 493 file=x_x509a.c, line=97, thread=19678, number=20,
address=000E
18B8
[15:14:08] 425 file=x_cinf.c, line=171, thread=19678, number=40,
address=000D
B358
[15:14:08] 331 file=x_val.c, line=95, thread=19678, number=8,
address=000D835
8
[15:14:08] 379 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3DC8
[15:14:08] 478 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E1858
[15:14:08] 369 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3D68
[15:14:08] 460 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E17F8
[15:14:08] 351 file=a_object.c, line=268, thread=19678, number=24,
address=00
0D3D08
[15:14:08] 494 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E2FC8
[15:14:08] 445 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E1798
[15:14:08] 335 file=stack.c, line=122, thread=19678, number=20,
address=000D3
CA8
[15:14:08] 336 file=stack.c, line=124, thread=19678, number=32,
address=000E0
768
[15:14:08] 429 file=stack.c, line=122, thread=19678, number=20,
address=000E1
738
[15:14:08] 411 file=a_object.c, line=268, thread=19678, number=24,
address=00
0E16D8
[15:14:08] 487 file=a_object.c, line=242, thread=19678, number=9,
address=000
E2F20
[15:14:08] 343 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DF798
[15:14:08] 347 file=a_object.c, line=242, thread=19678, number=9,
address=000
DF810
[15:14:08] 342 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DF768
[15:14:08] 338 file=x_pubkey.c, line=101, thread=19678, number=12,
address=00
0DF6D8
[15:14:08] 480 file=a_bytes.c, line=114, thread=19678, number=47,
address=000
DB028
[15:14:08] 337 file=buffer.c, line=67, thread=19678, number=12,
address=000DF
6A8
[15:14:08] 363 file=a_bytes.c, line=114, thread=19678, number=47,
address=000
D8798
[15:14:08] 483 file=a_object.c, line=242, thread=19678, number=9,
address=000
E2498
[15:14:08] 330 file=buffer.c, line=67, thread=19678, number=12,
address=000DF
588
[15:14:08] 329 file=stack.c, line=124, thread=19678, number=16,
address=000DF
558
[15:14:08] 325 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DF4C8
[15:14:08] 479 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8588
[15:14:08] 469 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8558
[15:14:08] 452 file=a_bytes.c, line=114, thread=19678, number=3,
address=000D
8528
[15:14:08] 467 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E2288
[15:14:08] 442 file=x_algor.c, line=102, thread=19678, number=8,
address=000D
84F8
[15:14:08] 466 file=x_name.c, line=233, thread=19678, number=16,
address=000E
2258
[15:14:08] 427 file=x_algor.c, line=102, thread=19678, number=8,
address=000D
84C8
[15:14:08] 465 file=a_bytes.c, line=222, thread=19678, number=14,
address=000
E2228
[15:14:08] 389 file=a_object.c, line=242, thread=19678, number=9,
address=000
DEBC0
[15:14:08] 412 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8498
[15:14:08] 464 file=a_bytes.c, line=222, thread=19678, number=14,
address=000
E21F8
[15:14:08] 398 file=a_bytes.c, line=222, thread=19678, number=5,
address=000D
8468
[15:14:08] 380 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8438
[15:14:08] 362 file=a_object.c, line=242, thread=19678, number=3,
address=000
D8408
[15:14:08] 383 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DEB30
[15:14:08] 459 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E2168
[15:14:08] 352 file=a_object.c, line=242, thread=19678, number=3,
address=000
D83D8
[15:14:08] 382 file=x_name.c, line=233, thread=19678, number=16,
address=000D
EB00
[15:14:08] 458 file=x_name.c, line=233, thread=19678, number=16,
address=000E
2138
[15:14:08] 341 file=x_algor.c, line=102, thread=19678, number=8,
address=000D
83A8
[15:14:08] 457 file=a_bytes.c, line=114, thread=19678, number=15,
address=000
E2108
[15:14:08] 454 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E20A8
[15:14:08] 453 file=x_name.c, line=233, thread=19678, number=16,
address=000E
2078
[15:14:08] 373 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DE9E0
[15:14:08] 372 file=x_name.c, line=233, thread=19678, number=16,
address=000D
E9B0
[15:14:08] 371 file=a_bytes.c, line=114, thread=19678, number=15,
address=000
DE980
[15:14:08] 446 file=a_object.c, line=242, thread=19678, number=9,
address=000
E1F88
[15:14:08] 368 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DE920
[15:14:08] 367 file=x_name.c, line=233, thread=19678, number=16,
address=000D
E8F0
[15:14:08] 443 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0E1F28
[15:14:08] 366 file=a_bytes.c, line=222, thread=19678, number=14,
address=000
DE8C0
[15:14:08] 386 file=a_bytes.c, line=114, thread=19678, number=64,
address=000
D8A10
[15:14:08] 365 file=a_bytes.c, line=222, thread=19678, number=14,
address=000
DE890
[15:14:08] 360 file=asn1_lib.c, line=371, thread=19678, number=16,
address=00
0DE800
[15:14:08] 359 file=x_name.c, line=233, thread=19678, number=16,
address=000D
E7D0
4601 bytes leaked in 169 chunks

any suggestions? thanks.
Post by Shaheed Bacchus
hi all,
i have a routine that reads a private key and cert from a bio
PK12 = d2i_PKCS12_bio(DataBio, NULL);
PKCS12_parse(PK12, Phrase, &Pkey, &Cert, &Ca);
PKCS12_free(PK12);
at the end of the routine i free all of the structures used
and i also do
EVP_cleanup();
the memory leak tool on my system (proprietary
embedded system) reports that memory is being
leaked by routines that are called by PKCS12_parse()
some of the routines that it thinks are leaking include
ASN1_STRING_set, ASN1_STRING_type_new,
X509_CERT_AUX_new, etc (these are only a
few, there are several more all called directly or indirectly
by PKCS12_parse)
so my question is, is there some kind of cleanup routine
that i'm supposed to be running that will cleanup
the mess left behind? thanks.
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Dr. Stephen Henson
2002-08-28 20:11:14 UTC
Permalink
Post by Shaheed Bacchus
in order to try and prove that the memory leak i am seeing
in PKCS12_parse() is not specific to my embedded system,
i compiled the following using OpenSSL 0.9.6 on solaris
void parsetest(BIO *databio)
{
EVP_PKEY *Pkey=NULL;
X509 *Cert=NULL;
STACK_OF(X509) *Ca=NULL;
PKCS12 *PK12=NULL;
PK12 = d2i_PKCS12_bio(databio, NULL);
PKCS12_parse(PK12, NULL, &Pkey, &Cert, &Ca);
PKCS12_free(PK12);
if (Pkey)
EVP_PKEY_free(Pkey);
if (Cert)
X509_free(Cert);
if (Ca)
sk_X509_free(Ca);
The above line is the problem, it just frees up the
STACK, not its contents. It should be:

sk_X509_pop_free(Ca, X509_free);

Steve.
--
Dr. Stephen Henson steve-MCmKBN63+***@public.gmane.org
OpenSSL Project http://www.openssl.org/~steve/
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users-MCmKBN63+***@public.gmane.org
Automated List Manager majordomo-MCmKBN63+***@public.gmane.org
Loading...