[PATCH ustream] ustream-openssl: fix bio memory leak
Petr Štetiar
ynezz at true.cz
Thu Dec 10 10:57:35 EST 2020
Eneas U de Queiroz <cotequeiroz at gmail.com> [2020-12-10 11:29:36]:
Hi,
> access that memory after we free it. This would be after we call
> BIO_free. The thing is, we aren't making that call. so we are leaking
> that resource as well.
IIRC this is solved by OpenSSL internal reference counting and executed in
SSL_free() or SSL_shutdown().
> After tackling BIO_free, my suggestion would be to determine where the
> method table variable should go, and where to call BIO_meth_new and
> BIO_meth_free. I would add it to a defined struct
> ustream_ssl_ctx--which is now just used with a cast to SSL_CTX--and
IIRC I've tried that approach already(this WIP solution is like 3rd
iteration), but that struct is opaque.
> would create and free the object in __ustream_ssl_context_new and
> __ustream_ssl_context_free, which would give it a possibly larger
> lifetime than the ssl_session or the BIO object.
AFAIK that's exactly what I'm doing in my current solution.
> We should coordinate efforts. You're the boss, so tell me what you want me
> to do, if anything.
I didn't wanted to sound like the boss and I apologize if that was the case,
sorry.
I've just send out some patches for uclient/ustream-ssl, so I would be
grateful if you could review and test those changes on your device(s), ideally
on all three SSL libs and client/server setup. Thanks!
Cheers,
Petr
More information about the openwrt-devel
mailing list