Almost certainly something corrupted in your heap. It could be that code between the create and the free gets a pointer into a field/element in the X509 (like Subject name, or an individual AVA in Subject name, or some particular extension, etc. etc.) and uses that pointer to store something it shouldn't; or allocates some other space on the same heap and uses that pointer to store where it shouldn't - often by doing a strcpy or strcat of a value that's longer than the space allocated; or you just have a completely wrong pointer value (usually because uninitialized) that you store through.

It could conceivably be corruption that existed before your (parse and) allocate X509, but didn't actually cause a failure until after, but depending on your C library and its memory manager that's usually less likely.

If your C library has any "malloc debugging" features turn them on, or if you have valgrind use that. If not, see if you can port to a system that does. Failing that, you can try black-box debugging - remove or reduce your code a chunk at a time to see if that "fixes" the problem - but heap corruption bugs can easily "appear" and "vanish" as the size of your code changes even when you haven't actually fixed (or created!) the bug.

If you're using C++ as appears, and you don't already, although it's a fair bit of work, you could try replacing "raw" C-style pointers, arrays and strings with C++ std::string, std::vector, std::auto_ptr and so forth, which protect against some possible overruns and bad pointers - but not all.

From: owner-openssl-us...@openssl.org [mailto:owner-openssl-us...@openssl.org] On Behalf Of Sanjay Kumar (sanjaku5)
Sent: Thursday, October 03, 2013 07:53
To: openssl-users@openssl.org
Subject: *** Spam *** memory crash when calling " X509_free" function

<snip: method(?) which creates/parses X509 from DER and another which frees it and gets:>

I get the memory crash

Backtrace:

Program terminated with signal 11, Segmentation fault.
#0 0x081e7748 in ASN1_STRING_free ()
#0 0x081e7748 in ASN1_STRING_free ()
#1 0x081e2b90 in ASN1_primitive_free ()
#2 0x081e2b7a in ASN1_primitive_free ()
#3 0x081e2c1a in asn1_item_combine_free ()
#4 0x081e2e5d in ASN1_template_free ()
#5 0x081e2d9e in asn1_item_combine_free ()
#6 0x081e2e5d in ASN1_template_free ()
#7 0x081e2d9e in asn1_item_combine_free ()
#8 0x081e2e93 in ASN1_item_free ()
#9 0x081defd7 in X509_free ()
#10 0x08052673 in CertificateRemote::cleanup_x509 (this=0x9bb55f0) at syfer/crypto/Certificate.cpp:309

What could be the possible reason for the above crash?
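
An added example (not from the thread, and not OpenSSL code) of the kind of check that the "malloc debugging" features recommended in the reply perform: guard bytes around each allocation, verified at free time, so an overlong copy is reported at the buffer it overran instead of surfacing later as a crash in an unrelated free. The names guarded_alloc, guarded_check, guarded_free and demo_copy and the sample string are constructed for illustration; the header layout is assumed to hold byte buffers only.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

#define GUARD_LEN 8
#define HDR (sizeof(size_t) + GUARD_LEN)
static const unsigned char GUARD[GUARD_LEN] = {0xDE, 0xAD, 0xBE, 0xEF, 0xDE, 0xAD, 0xBE, 0xEF};

/* Block layout: [size_t size][front guard][user bytes][rear guard] */
void *guarded_alloc(size_t size) {
    unsigned char *base = malloc(HDR + size + GUARD_LEN);
    if (!base) return NULL;
    memcpy(base, &size, sizeof size);
    memcpy(base + sizeof size, GUARD, GUARD_LEN);
    memcpy(base + HDR + size, GUARD, GUARD_LEN);
    return base + HDR;
}

/* Returns 0 if intact; bit 1 set = front guard damaged, bit 2 set = rear guard damaged. */
int guarded_check(const void *user) {
    const unsigned char *base = (const unsigned char *)user - HDR;
    size_t size;
    int damage = 0;
    memcpy(&size, base, sizeof size);
    if (memcmp(base + sizeof size, GUARD, GUARD_LEN) != 0) damage |= 1;
    if (memcmp(base + HDR + size, GUARD, GUARD_LEN) != 0) damage |= 2;
    return damage;
}

/* Verify the guards, release the block, and report what the check found. */
int guarded_free(void *user) {
    int damage = guarded_check(user);
    free((unsigned char *)user - HDR);
    return damage;
}

/* Constructed demo: copy a name into an 8-byte buffer. Inputs must be at most
 * 15 characters so the unbounded copy lands in the guard, not outside the block. */
int demo_copy(const char *name, int bounded) {
    char *buf = guarded_alloc(8);
    if (!buf) return -1;
    if (bounded) snprintf(buf, 8, "%s", name);   /* truncates to fit */
    else memcpy(buf, name, strlen(name) + 1);    /* stands in for strcpy() */
    return guarded_free(buf);
}

int main(void) {
    printf("unbounded copy: damage=%d\n", demo_copy("CN=example.org", 0));
    printf("bounded copy:   damage=%d\n", demo_copy("CN=example.org", 1));
    return 0;
}
```

A real malloc debugger or valgrind does this for every allocation in the process, including the ones OpenSSL makes for the X509 structure, which is why the reply suggests those tools before black-box reduction.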