On CentOS 5.5 (RPM package openssl-0.9.8e-12.el5_5.7), I am getting valgrind
errors. Although I include what appears to be the full complement of PROG13
recommended cleanup code:
ERR_remove_state(0);
ENGINE_cleanup();
CONF_modules_free();
CONF_modules_unload(1);
ERR_free_strings();
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
and I call X509_free() after processing the output of d2i_X509:
X509 * x;
if ((x = d2i_X509( NULL, &match, cert_len)) != NULL)
{ // do stuff with x
X509_free(x);
}
// no else clause to print failure errors
I am still getting valgrind errors:
==5167== 162 bytes in 2 blocks are still reachable in loss record 1 of 3
==5167== at 0x4C20E1C: malloc (vg_replace_malloc.c:195)
==5167== by 0x61B7D91: CRYPTO_malloc (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61B5702: ERR_add_error_data (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x6172E79: ASN1_item_ex_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61722C7: ??? (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x617257E: ??? (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x6172D8E: ASN1_item_ex_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61722C7: ??? (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x617257E: ??? (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x6172D8E: ASN1_item_ex_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61730F3: ASN1_item_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x448551: my code that calls d2i_X509
==5167==
==5167== 162 bytes in 2 blocks are still reachable in loss record 2 of 3
==5167== at 0x4C20E1C: malloc (vg_replace_malloc.c:195)
==5167== by 0x61B7D91: CRYPTO_malloc (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61B5702: ERR_add_error_data (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x6172E79: ASN1_item_ex_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61722C7: ??? (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x617257E: ??? (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x6172D8E: ASN1_item_ex_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61730F3: ASN1_item_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x448551: my code that calls d2i_X509
==5167==
==5167== 162 bytes in 2 blocks are still reachable in loss record 3 of 3
==5167== at 0x4C20E1C: malloc (vg_replace_malloc.c:195)
==5167== by 0x61B7D91: CRYPTO_malloc (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61B5702: ERR_add_error_data (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x6172E79: ASN1_item_ex_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x61730F3: ASN1_item_d2i (in /lib64/libcrypto.so.0.9.8e)
==5167== by 0x448551: my code that calls d2i_X509
There were three certificates that I attempted to parse, one successfully and
two unsuccessfully, matching the three errors. Is there another cleanup
routine that I haven't called?
Steve Friedman
______________________________________________________________________
OpenSSL Project http://www.openssl.org
User Support Mailing List openssl-users@openssl.org
Automated List Manager majord...@openssl.org
