Memory leaking

Wed, 16 Aug 2006 08:57:22 -0700

Hi everyone,

    It seems I am leaking memory every time I call EVP_encrypt/decrypt routines, about 240 bytes are leaked by OPENSSL_malloc(), this happens in versions 0.9.7d, in the FIPS-certified version 1.0, and in the latest version 0.9.8b.

    I found two bug reports that might possibly be pertinent here:

1294 SSL_free memory leak
    The new ecpointcurvelist is not freed in SSL_free as far as I see.

1331 Possible bug/leak in OpenSSL ssl/bio_ssl.c:ssl_ctrl(BIO_CTRL_POP)
    In a BIO_CTRL_PUSH, the next_bio->references is incremented.
    In a BIO_CTRL_POP, the next_bio->references is also incremented.

Any thoughts on this would be appreciated,
Lee

P.S. Here is my source code:

#define EVP_ERR(_errVal) do { ret = _errVal; goto err; } while (0)

int
evpEncrypt(int keyIdx, BYTE *dstPtr, BYTE *srcPtr, int cryptLen, int *errCode)
{ // Call the OpenSSL encryption routine
   EVP_CIPHER_CTX ctx;
   static unsigned char iv[EVP_MAX_IV_LENGTH];
   int retLen, outLen, ret, evpErr;

   if (cryptLen <= 0)
      EVP_ERR(-1);
   if (!EVP_EncryptInit(&ctx, EVP_aes_256_ecb(), sysblk.keyData[keyIdx], iv))
      EVP_ERR(-2);
   retLen = cryptLen + AES_BLOCK_SIZE;
   if (!EVP_EncryptUpdate(&ctx, dstPtr, &retLen, srcPtr, cryptLen))
      EVP_ERR(-3);
   outLen = retLen;
   retLen = cryptLen + AES_BLOCK_SIZE*2;
   if (!EVP_EncryptFinal(&ctx, &dstPtr[outLen], &retLen))
      EVP_ERR(-4);
   return outLen + retLen;

err:
   while ((evpErr = ERR_get_error()) != 0)
      *errCode = evpErr;
   return ret;
}

int
evpDecrypt(int keyIdx, BYTE *dstPtr, BYTE *srcPtr, int cryptLen, int *errCode)
{ // Call the OpenSSL decryption routine
   EVP_CIPHER_CTX ctx;
   static unsigned char iv[EVP_MAX_IV_LENGTH];
   int retLen, outLen, ret, evpErr;

   if (cryptLen < AES_BLOCK_SIZE)
      EVP_ERR(-10);
   if (!EVP_DecryptInit(&ctx, EVP_aes_256_ecb(), sysblk.keyData[keyIdx], iv))
      EVP_ERR(-11);
   retLen = cryptLen + AES_BLOCK_SIZE;
   if (!EVP_DecryptUpdate(&ctx, dstPtr, &retLen, srcPtr, cryptLen))
      EVP_ERR(-12);
   outLen = retLen;
   retLen = cryptLen + AES_BLOCK_SIZE;
   if (!EVP_DecryptFinal(&ctx, &dstPtr[outLen], &retLen))
      EVP_ERR(-13);
   return outLen + retLen;

err:
   while ((evpErr = ERR_get_error()) != 0)
      *errCode = evpErr;
   return ret;
}

#undef EVP_ERR

---
"There is nothing remarkable about it. All one has to do is press the right keys at the right time and the computer programs itself." (ala J.S. Bach)

Unless otherwise stated, any views presented in this e-mail are solely those of the author and do not necessarily represent those of the company.

Reply via email to