I am using Axis2c 1.6 and OpenSSL (first 0.9.8l, now 0.9.8o) on Windows
Server 2008 R2; I have MS Visual Studio 2008 installed, but build using
nmake instead of the solution under the ides folder.
The only settings of note in configure.in are ENABLE_SSL = 1 and CRUNTIME =
/MD. I staticly link with the Openssl library.
I am seeing the following leak reported after sending a request:
MSVCR90D: malloc
axis2_http_sender: default_malloc_ex: \openssl\openssl-0.9.8o\crypto\mem.c
line 79
axis2_http_sender: CRYPTO_malloc: \openssl\openssl-0.9.8o\crypto\mem.c
line 328
axis2_http_sender: SSL_new: \openssl\openssl-0.9.8o\ssl\ssl_lib.c line 258
axis2_http_sender: axis2_ssl_utils_initialize_ssl:
\axis2c\axis2c-1.6.0\src\core\transport\http\sender\ssl\ssl_utils.c line 134
axis2_http_sender: axutil_stream_create_ssl:
\axis2c\axis2c-1.6.0\src\core\transport\http\sender\ssl\ssl_stream.c line
106
axis2_http_sender: axis2_http_client_send:
\axis2c\axis2c-1.6.0\src\core\transport\http\sender\http_client.c line 268
axis2_http_sender: axis2_http_sender_send:
\axis2c\axis2c-1.6.0\src\core\transport\http\sender\http_sender.c line 1103
axis2_http_sender: axis2_http_transport_sender_write_message:
\axis2c\axis2c-1.6.0\src\core\transport\http\sender\http_transport_sender.c
line 808
axis2_http_sender: axis2_http_transport_sender_invoke:
\axis2c\axis2c-1.6.0\src\core\transport\http\sender\http_transport_sender.c
line 312
axis2_engine: axis2_op_client_two_way_send:
\axis2c\axis2c-1.6.0\src\core\clientapi\op_client.c line 1172
axis2_engine: axis2_op_client_worker_func:
\axis2c\axis2c-1.6.0\src\core\clientapi\op_client.c line 696
ntdll: RtlInitializeExceptionChain_x002B_54_bytes__0x776C9D45
It's actually 2 leaks. The first happens because axis2_http_client_send()
allocates a stream of type ssl:
http_client.c 266 client->data_stream = axutil_stream_create_ssl(env,
client->sockfd, axis2_http_client_get_server_cert(client,
env),
axis2_http_client_get_key_file(client, env), ssl_pp);
but the 'destructor' set in axis2_http_sender_process_response() is for the
unmanaged stream types:
http_sender.c 1617 property = axutil_property_create (env);
axutil_property_set_scope (property, env,
AXIS2_SCOPE_REQUEST);
axutil_property_set_free_func (property,
env, axutil_stream_free_void_arg);
I have been able to fix that leak by replacing the last line above with
#ifdef AXIS2_SSL_ENABLED
if (in_stream->stream_type == AXIS2_STREAM_SOCKET)
axutil_property_set_free_func (property, env,
axutil_stream_free_void_arg);
else // ssl streams are AXIS2_STREAM_BASIC
axutil_property_set_free_func (property, env, axis2_ssl_stream_free);
#else
axutil_property_set_free_func (property, env,
axutil_stream_free_void_arg);
#endif
and adding a forward declare
// expose private function is sender\ssl\ssl_stream.c
#ifdef AXIS2_SSL_ENABLED
void AXIS2_CALL axis2_ssl_stream_free(
axutil_stream_t * stream,
const axutil_env_t * env);
#endif
The second leak is from the allocation at ssl_lib.c, line 258, reported
above. It can be fixed in axis2_ssl_utils_cleanup_ssl() in ssl_utils.c,
line 217
if (ssl)
{
SSL_shutdown(ssl);
// fix memory leak
OPENSSL_free(ssl);
}
Do you think these look like a safe fixes?
Regards,
Steve
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
