From a873356c0007c93de86b4e1360d4a9e7af151b22 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Bodo=20M=C3=B6ller?= Date: Thu, 13 Jan 2000 21:10:43 +0000 Subject: [PATCH] Use CRYPTO_push_info to find a memory leak in pkcs12.c. --- CHANGES | 17 ++++++++++------- apps/pkcs12.c | 48 +++++++++++++++++++++++++++++++++++++++++++++++- 2 files changed, 57 insertions(+), 8 deletions(-) diff --git a/CHANGES b/CHANGES index 5cd0db830..48053f220 100644 --- a/CHANGES +++ b/CHANGES @@ -436,8 +436,11 @@ *) Add the possibility to add extra information to the memory leak detecting output, to form tracebacks, showing from where each - allocation was originated. Also updated sid code to be multi- - thread-safe. + allocation was originated: CRYPTO_push_info("constant string") adds + the string plus current file name and line number to a per-thread + stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info() + is like calling CYRPTO_pop_info() until the stack is empty. + Also updated memory leak detection code to be multi-thread-safe. [Richard Levitte] *) Add options -text and -noout to pkcs7 utility and delete the @@ -473,11 +476,11 @@ for all purposes. [Steve Henson] - *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). The - problem was that one of the replacement routines had not been working since - SSLeay releases. For now the offending routine has been replaced with - non-optimised assembler. Even so, this now gives around 95% performance - improvement for 1024 bit RSA signs. + *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD). + The problem was that one of the replacement routines had not been working + since SSLeay releases. For now the offending routine has been replaced + with non-optimised assembler. Even so, this now gives around 95% + performance improvement for 1024 bit RSA signs. [Mark Cox] *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2 diff --git a/apps/pkcs12.c b/apps/pkcs12.c index a48f8c2d8..a027566ac 100644 --- a/apps/pkcs12.c +++ b/apps/pkcs12.c @@ -61,6 +61,7 @@ #include #include #include +#include #include #include #include @@ -264,6 +265,10 @@ int MAIN(int argc, char **argv) ERR_load_crypto_strings(); +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("read files"); +#endif + if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE); else in = BIO_new_file(infile, "rb"); if (!in) { @@ -289,6 +294,11 @@ int MAIN(int argc, char **argv) } } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); + CRYPTO_push_info("write files"); +#endif + if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE); else out = BIO_new_file(outfile, "wb"); if (!out) { @@ -298,11 +308,17 @@ int MAIN(int argc, char **argv) goto end; } if (twopass) { +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("read MAC password"); +#endif if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert)) { BIO_printf (bio_err, "Can't read Password\n"); goto end; } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); +#endif } if (export_cert) { @@ -317,6 +333,10 @@ int MAIN(int argc, char **argv) int i; unsigned char keyid[EVP_MAX_MD_SIZE]; unsigned int keyidlen = 0; + +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("process -export_cert"); +#endif key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, NULL); if (!inkey) (void) BIO_reset(in); else BIO_free(inkey); @@ -440,6 +460,10 @@ int MAIN(int argc, char **argv) PKCS12_free(p12); ret = 0; + +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); +#endif goto end; } @@ -449,30 +473,52 @@ int MAIN(int argc, char **argv) goto end; } +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("read import password"); +#endif if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) { BIO_printf (bio_err, "Can't read Password\n"); goto end; } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); +#endif if (!twopass) strcpy(macpass, pass); if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1); if(macver) { +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("verify MAC"); +#endif if (!PKCS12_verify_mac (p12, mpass, -1)) { BIO_printf (bio_err, "Mac verify errror: invalid password?\n"); ERR_print_errors (bio_err); goto end; } else BIO_printf (bio_err, "MAC verified OK\n"); +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); +#endif } +#ifdef CRYPTO_MDEBUG + CRYPTO_push_info("output keys and certificates"); +#endif if (!dump_certs_keys_p12 (out, p12, cpass, -1, options)) { BIO_printf(bio_err, "Error outputting keys and certificates\n"); ERR_print_errors (bio_err); goto end; } +#ifdef CRYPTO_MDEBUG + CRYPTO_pop_info(); +#endif PKCS12_free(p12); ret = 0; end: +#ifdef CRYPTO_MDEBUG + CRYPTO_remove_all_info(); +#endif + BIO_free(in); BIO_free(out); EXIT(ret); } @@ -599,7 +645,7 @@ int get_cert_chain (X509 *cert, STACK_OF(X509) **chain) X509_STORE_CTX store_ctx; STACK_OF(X509) *chn; int i; - X509 *x; + store = X509_STORE_new (); X509_STORE_set_default_paths (store); X509_STORE_CTX_init(&store_ctx, store, cert, NULL);