Hello Kurt, I finally managed to compile a debug 1.1.0 version. (I manually modified the makefile) :-(
Anyway, I can confirm the patch you send to me fixes the first memory leak case. BUT, You are right, we should not free g and N, because they are shared/referenced by the VBASE cache. They will be freed by SRP_VBASE_free(); BUT (again) we need to free the *ID* of g and N, which was allocated and no longer in use or referenced elsewhere. I believe the data structures should have been made differently such that they do not share only part of internal data. That's why I did not call sk_SRP_gN_pop_free() in my first patch. Here attached is an updated version of your patch that, I hope, can meet our first requirement. As long as the memory is in a stable state, I think it is not mandatory to free immediatly the VBASE data in case of error. We can let the caller decide what he wants to do. But it is just my opinion. Thanks again, Regards, Michel -----Message d'origine----- De : openssl-dev [mailto:[email protected]] De la part de Michel via RT Envoyé : jeudi 10 décembre 2015 23:37 Cc : [email protected] Objet : [openssl-dev] TR: [openssl.org #4172] SRP VBASE stuff still leaking memory Hello Kurt, I was not able to 'configure' the master branch for debug-VC-WIN32. I got the error message 'pick os/compiler from: ... However I succeeded with VC-WIN32. I guess this is something related to the new configure perl script and debug/non-debug options, but I am lost with perl. Could you please help for this ? Michel. -----Message d'origine----- De : openssl-dev [mailto:[email protected]] De la part de Michel via RT Envoy : jeudi 10 d cembre 2015 17:00 Cc : [email protected] Objet : Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory Hi Kurt, At first glance, it's a fact that your patch is better. :-) I should have thought to some of your improvement, like SRP_gN_new(). I will test it tonight and come back to you. Many for thanks for your interrest in this matter, Michel. -----Message d'origine----- De : Kurt Roeckx via RT [mailto:[email protected]] Envoy : jeudi 10 d cembre 2015 15:38 : [email protected] Cc : [email protected] Objet : Re: [openssl-dev] [openssl.org #4172] SRP VBASE stuff still leaking memory On Thu, Dec 10, 2015 at 03:19:54PM +0100, Kurt Roeckx wrote: > On Thu, Dec 10, 2015 at 01:27:38PM +0100, Kurt Roeckx wrote: > > On Thu, Dec 10, 2015 at 01:16:48PM +0100, Kurt Roeckx wrote: > > > On Mon, Dec 07, 2015 at 03:47:56PM +0000, Michel via RT wrote: > > > > Hi, > > > > > > > > Following my previous mail, here attached is an updated patch > > > > against 1.02e to fix the SRP VBASE memory leaks. > > > > > > Can you confirm that this would be the correct patch for master? > > > > The following patch should at least compile. > > I fixed a few more things, cleaned up some things. New patch > attached. I think there is something wrong with new SRP_gN_free(). You now also free g and N, and it's not clear to me who the owner of those is. I think the cache is, in which case we should not free them. I think the cache also isn't cleared, we should probably call SRP_VBASE_free() when SRP_VBASE_init() fails. Kurt _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev _______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
srp_vfy-1.1.0.patch
Description: Binary data
_______________________________________________ openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
