[openssl-users] Potential memory leak in RSA_private_decrypt

2017-11-05 Thread Wang 
Hello, The memory usage of one of our OpenSSL applications increases
quickly.Valgrind detects the only possible leak below. We are using OpenSSL
1.0.2k. ==9721== 520 bytes in 1 blocks are indirectly lost in loss record
1,178 of1,294 ==9721==at 0x4A0817C: malloc (vg_replace_malloc.c:298)
==9721==by 0x5B29CD0: comn_malloc (comalloc.c:28) ==9721==by
0x58E7DD2: comn__csi_malloc (netenc2.c:52) ==9721==by 0xBBC37EA:
local_malloc (csi_provider_common.c:624) ==9721==by 0xBC1747F:
default_malloc_ex (mem.c:79) ==9721==by 0xBC17BA6: CRYPTO_malloc
(mem.c:350) ==9721==by 0xBC2648F: bn_expand_internal (bn_lib.c:303)
==9721==by 0xBC266AA: bn_expand2 (bn_lib.c:431) ==9721==by
0xBC26FF6: BN_set_bit (bn_lib.c:736) ==9721==by 0xBCE0880:
BN_MONT_CTX_set (bn_mont.c:494) ==9721==by 0xBCE0A2F:
BN_MONT_CTX_set_locked (bn_mont.c:544) ==9721==by 0xBCED0C0:
RSA_eay_mod_exp (rsa_eay.c:763) ==9721==by 0xBCEC747:
RSA_eay_private_decrypt (rsa_eay.c:554) ==9721==by 0xBC3B7DE:
RSA_private_decrypt (rsa_crpt.c:111) I searched in this forum. I found a
post reporting the same issue, but noresolution provided
-http://openssl.6102.n7.nabble.com/Memory-issues-with-ssl-handshake-td20851.html#a20854.
I wonder if anyone knows how to resolve this issue? Any help is appreciated.
Aaron 



--
Sent from: http://openssl.6102.n7.nabble.com/OpenSSL-User-f3.html-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users

[openssl-users] stunnel 5.43 released

2017-11-05 Thread MichaƂ Trojnara 
Dear Users,

I have released version 5.43 of stunnel.

Version 5.43, 2017.11.05, urgency: LOW
* New features
  - OpenSSL DLLs updated to version 1.0.2m.
  - Android build updated to OpenSSL 1.1.0g.
  - Allow for multiple "accept" ports per section.
  - Self-test framework (make check).
  - Added config load before OpenSSL init (thx to Dmitrii Pichulin).
  - OpenSSL 1.1.0 support for Travis CI.
  - OpenSSL 1.1.1-dev compilation fixes.
* Bugfixes
  - Fixed a memory fault on Solaris.
  - Fixed round-robin failover in the FORK threading model.
  - Fixed handling SSL_ERROR_ZERO_RETURN in SSL_shutdown().
  - Minor fixes of the logging subsystem.

Home page: https://www.stunnel.org/
Download:  https://www.stunnel.org/downloads.html

SHA-256 hashes:
05915babf705a0494886a72a7367913d403d07fc908ebb7b380d639e2d8bcee2
stunnel-5.43.tar.gz
5249479d295f482ecac9cd3d5c89c0e5d41ae6ff8e265d4634ecfd8761834201
stunnel-5.43-win32-installer.exe
e628fa7027d19bf4f0a62392f9dc042d97959498c292e13ebdf30c65a545dd6d
stunnel-5.43-android.zip

Best regards,
Mike



signature.asc
Description: OpenPGP digital signature
-- 
openssl-users mailing list
To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users