generic-library/openssl
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

Fix memory leak in library deinit

Browse Source 
ENGINE_cleanup calls CRYPTO_free_ex_data and therefore,
CRYPTO_cleanup_all_ex_data - which cleans up the method pointers - must
run after ENGINE_cleanup.

Additionally, don't needlessly initialize the EX_CALLBACKS stack during
e.g. CRYPTO_free_ex_data. The only time this is actually needed is when
reserving the first ex data index. Specifically, since sk_num returns -1
on NULL input, the rest of the code already handles a NULL method stack
correctly.

Reviewed-by: Rich Salz <rsalz@openssl.org>
This commit is contained in:
Emilia Kasper 2016-03-12 20:46:13 +01:00
parent 36cc1390f2
commit 8cab4e9bc7
2 changed files with 20 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
crypto/ex_data.c
View File

@ -161,17 +161,6 @@ static EX_CALLBACKS *get_and_lock(int class_index)
ip = &ex_data[class_index]; ip = &ex_data[class_index];
CRYPTO_THREAD_write_lock(ex_data_lock); CRYPTO_THREAD_write_lock(ex_data_lock);
if (ip->meth == NULL) {
ip->meth = sk_EX_CALLBACK_new_null();
/* We push an initial value on the stack because the SSL
* "app_data" routines use ex_data index zero. See RT 3710. */
if (ip->meth == NULL
|| !sk_EX_CALLBACK_push(ip->meth, NULL)) {
CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_MALLOC_FAILURE);
CRYPTO_THREAD_unlock(ex_data_lock);
return NULL;
}
}
return ip; return ip;
} }
@ -255,6 +244,18 @@ int CRYPTO_get_ex_new_index(int class_index, long argl, void *argp,
if (ip == NULL) if (ip == NULL)
return -1; return -1;
if (ip->meth == NULL) {
ip->meth = sk_EX_CALLBACK_new_null();
/* We push an initial value on the stack because the SSL
* "app_data" routines use ex_data index zero. See RT 3710. */
if (ip->meth == NULL
|| !sk_EX_CALLBACK_push(ip->meth, NULL)) {
CRYPTOerr(CRYPTO_F_GET_AND_LOCK, ERR_R_MALLOC_FAILURE);
goto err;
}
}
a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a)); a = (EX_CALLBACK *)OPENSSL_malloc(sizeof(*a));
if (a == NULL) { if (a == NULL) {
CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX, ERR_R_MALLOC_FAILURE); CRYPTOerr(CRYPTO_F_CRYPTO_GET_EX_NEW_INDEX, ERR_R_MALLOC_FAILURE);

13
crypto/init.c
View File

@ -474,12 +474,17 @@ void OPENSSL_cleanup(void)
"RAND_cleanup()\n"); "RAND_cleanup()\n");
#endif #endif
CRYPTO_cleanup_all_ex_data(); /*
EVP_cleanup(); * Note that cleanup order is important.
CONF_modules_free(); * For example, ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up
* before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data().
*/
#ifndef OPENSSL_NO_ENGINE #ifndef OPENSSL_NO_ENGINE
ENGINE_cleanup(); ENGINE_cleanup();
#endif #endif
CRYPTO_cleanup_all_ex_data();
EVP_cleanup();
CONF_modules_free();
RAND_cleanup(); RAND_cleanup();
base_inited = 0; base_inited = 0;
} }
@ -628,5 +633,3 @@ int OPENSSL_atexit(void (*handler)(void))
return 1; return 1;
} }