
Memory leak on cleanup: Difference between nc_tls_destroy and nc_ssh_tls_destroy

Open willtoth opened this issue 4 years ago • 1 comments

When running valgrind the following memory leak hit is given:

==2277== 24 bytes in 1 blocks are still reachable in loss record 577 of 2,272
==2277==    at 0x4CA3E26: malloc (vg_replace_malloc.c:299)
==2277==    by 0x5A31C68: CRYPTO_malloc (mem.c:346)
==2277==    by 0x5A35347: OBJ_NAME_add (o_names.c:191)
==2277==    by 0x5AFE5EC: EVP_add_cipher (names.c:74)
==2277==    by 0x5758230: SSL_library_init (ssl_algs.c:68)
==2277==    by 0x73C41A2: nc_ssh_tls_init (session.c:1611)
==2277==    by 0x73C41A2: nc_init (session.c:1668)
==2277==    by 0x73C5DD7: nc_client_init (session_client.c:2065)
<client library trace omitted>
  • libnetconf2 v1.1.26
  • OpenSSL v1.0.2

Looking closer at nc_tls_destroy and nc_ssh_tls_destroy, there are a number of cleanup functions called in the former and not the latter. One particularly interesting one is EVP_cleanup, which removes the above valgrind hit (though that is not the only discrepancy).

nc_tls_destroy: https://github.com/CESNET/libnetconf2/blob/master/src/session.c#L1566-L1594

nc_ssh_tls_destroy: https://github.com/CESNET/libnetconf2/blob/master/src/session.c#L1618-L1637

The OpenSSL wiki gives an incomplete list of cleanup when running OpenSSL < 1.1.0, so it is not clear to me what else may need to be included here. https://wiki.openssl.org/index.php/Library_Initialization#Cleanup

May 10 '21 19:05 willtoth
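
A small triage script for Valgrind output like the trace above, added here as an example and not part of the original issue or of libnetconf2: it separates "still reachable" records that pass through a library-init function from real leaks and names the first project frame in the stack. The `nc_` prefix filter, the label strings and the second sample record are assumptions made for illustration.

```python
import re

# Constructed input: record 577 is the one quoted in the issue; record 900 is a
# made-up "definitely lost" record (hypothetical app_* frame) for contrast.
SAMPLE = """\
==2277== 24 bytes in 1 blocks are still reachable in loss record 577 of 2,272
==2277==    at 0x4CA3E26: malloc (vg_replace_malloc.c:299)
==2277==    by 0x5A31C68: CRYPTO_malloc (mem.c:346)
==2277==    by 0x5A35347: OBJ_NAME_add (o_names.c:191)
==2277==    by 0x5AFE5EC: EVP_add_cipher (names.c:74)
==2277==    by 0x5758230: SSL_library_init (ssl_algs.c:68)
==2277==    by 0x73C41A2: nc_ssh_tls_init (session.c:1611)
==2277==    by 0x73C41A2: nc_init (session.c:1668)
==2277==    by 0x73C5DD7: nc_client_init (session_client.c:2065)
==2277==
==2277== 64 bytes in 2 blocks are definitely lost in loss record 900 of 2,272
==2277==    at 0x4CA3E26: malloc (vg_replace_malloc.c:299)
==2277==    by 0x400B12: app_parse_reply (app.c:88)
"""

HEADER = re.compile(r"^==\d+== ([\d,]+) (?:\(.*?\) )?bytes in [\d,]+ blocks are "
                    r"(.+?) in loss record ([\d,]+) of [\d,]+$")
FRAME = re.compile(r"^==\d+==\s+(?:at|by) 0x[0-9A-Fa-f]+: (.+?) \(.*\)$")

def parse_records(text):
    """Split Valgrind leak output into records with kind, size and call stack."""
    records = []
    for line in map(str.rstrip, text.splitlines()):
        head = HEADER.match(line)
        if head:
            size, kind, number = head.groups()
            records.append({"bytes": int(size.replace(",", "")), "kind": kind,
                            "record": int(number.replace(",", "")), "frames": []})
        elif records and (frame := FRAME.match(line)):
            records[-1]["frames"].append(frame.group(1))
    return records

def triage(record, init_funcs=("SSL_library_init",), prefix="nc_"):
    """Label one record and name the first project frame (prefix is an assumption)."""
    owner = next((f for f in record["frames"] if f.startswith(prefix)), None)
    if record["kind"] == "still reachable" and set(init_funcs) & set(record["frames"]):
        return "init allocation not released at teardown", owner
    if record["kind"].endswith("lost"):
        return "leak", owner
    return "other", owner

if __name__ == "__main__":
    for rec in parse_records(SAMPLE):
        print(rec["record"], rec["bytes"], *triage(rec))
```
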

See #302

May 11 '21 08:05 michalvasko