Re: Do I need to call BIO_free(network_bio) or not?

Thu, 17 Jul 2014 05:31:33 -0700 

On Tue, Jul 15, 2014, Iaki Baz Castillo wrote:

> Hi, I'm a bit confused about how to free a BIO pair associated to a SSL.
> 
> The doc at https://www.openssl.org/docs/crypto/BIO_s_bio.html clearly says:
> 
> ----------------------------
> Both halves of a BIO pair should be freed. That is even if one half is
> implicit freed due to a BIO_free_all() or SSL_free() call the other
> half needs to be freed.
> 
> EXAMPLE
> 
> BIO *internal_bio, *network_bio;
> BIO_new_bio_pair(internal_bio, 0, network_bio, 0);
> SSL_set_bio(ssl, internal_bio, internal_bio);
> ...
> SSL_free(ssl);                /* implicitly frees internal_bio */
> BIO_free(network_bio);
> ----------------------------
> 
> 
> Is it true that I must call to BIO_free(network_bio)? The SSL_free()
> code "seems" to do it by itself!:
> 
> --------------------------
> void SSL_free(SSL *s)
> {
>    ...
>    if (s->rbio != NULL)
>        BIO_free_all(s->rbio);
>    if ((s->wbio != NULL) && (s->wbio != s->rbio))
>        BIO_free_all(s->wbio);
> --------------------------
> 

In that example SSL_free is calling BIO_free_all() on "internal_bio" which was
passed using SSL_set_bio().

> In my code I get an obvious crash if I call BIO_free(internal_bio)
> after SSL_free(ssl), but I do NOT get a crash if I call
> BIO_free(network_bio).
> 
> 
> Anyhow in my code I do not use BIO_new_bio_pair() but instead:
> 
> ------------------------
> BIO* internal_bio = BIO_new(BIO_s_mem());
> BIO* network_bio = BIO_new(BIO_s_mem());
> SSL_set_bio(ssl, internal_bio, network_bio);

Your code uses a doesn't use BIO pairs but the same rule applies. The call to
SSL_free() will call BIO_free_all on the BIO or BIOs passed to SSL_set_bio()
internal_bio and network_bio in this example.

> 
> void destroy() {
>   if (ssl) {
>       SSL_free(ssl);
>   }
> 
> 
>   // This does NOT crash but, should I do it or not? leak otherwise?
>   if (write_bio) {
>       BIO_free(write_bio);
>   }
> }

There is no indication of what "write_bio" is here.

If write_bio is part of a chain involving the BIOs passed to SSL_set_bio() it
will be free up as part of the SSL_free call. If not you need to explicitly
free it yourself.

Steve.
--
Dr Stephen N. Henson. OpenSSL project core developer.
Commercial tech support now available see: http://www.openssl.org
______________________________________________________________________
OpenSSL Project                                 http://www.openssl.org
User Support Mailing List                    openssl-users@openssl.org
Automated List Manager                           majord...@openssl.org

Reply via email to