libnetconf2 icon indicating copy to clipboard operation
libnetconf2 copied to clipboard
verified publisher icon CESNET

Memory leak on cleanup when OpenSSL < 1.1.0 is built with zlib

Open willtoth opened this issue 4 years ago • 1 comments

When running a libnetconf2 application with valgrind several memory leaks are shown when using OpenSSL with zlib. There are a number of hits typically as below:

==2277== 2 bytes in 1 blocks are still reachable in loss record 14 of 2,272
==2277==    at 0x4CA3E26: malloc (vg_replace_malloc.c:299)
==2277==    by 0x5A31C68: CRYPTO_malloc (mem.c:346)
==2277==    by 0x5AD0943: DSO_set_filename (dso_lib.c:357)
==2277==    by 0x5AD0A3F: DSO_load (dso_lib.c:219)
==2277==    by 0x5B70C19: COMP_zlib (c_zlib.c:352)
==2277==    by 0x57501A4: load_builtin_compressions.part.0 (ssl_ciph.c:491)
==2277==    by 0x5752B24: load_builtin_compressions (ssl_ciph.c:2038)
==2277==    by 0x5752B24: SSL_COMP_get_compression_methods (ssl_ciph.c:2036)
==2277==    by 0x5758422: SSL_library_init (ssl_algs.c:150)
==2277==    by 0x73C41A2: nc_ssh_tls_init (session.c:1611)
==2277==    by 0x73C41A2: nc_init (session.c:1668)
==2277==    by 0x73C5DD7: nc_client_init (session_client.c:2065)
  • libnetconf2 v1.1.26
  • OpenSSL v1.0.2

Adding COMP_zlib_cleanup() in the nc_ssh_tls_destroy() method removes all but one hit when running valgrind, which I have not been able to track down (or confirm if this is a real issue):

==21179== 32 bytes in 1 blocks are still reachable in loss record 1 of 2
==21179==    at 0x4C2FB55: calloc (in /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
==21179==    by 0x686A626: _dlerror_run (dlerror.c:141)
==21179==    by 0x6869FA0: dlopen@@GLIBC_2.2.5 (dlopen.c:87)
==21179==    by 0x517D73C: dlfcn_load (in /opt/openssl/lib/libcrypto.so.1.0.0)
==21179==    by 0x517E05B: DSO_load (in /opt/openssl/lib/libcrypto.so.1.0.0)
==21179==    by 0x51FAE81: COMP_zlib (in /opt/openssl/lib/libcrypto.so.1.0.0)
==21179==    by 0x4218F6: load_builtin_compressions (in /home/will/src/libnetconf2leak/a.out)
==21179==    by 0x423938: SSL_COMP_get_compression_methods (in /home/will/src/libnetconf2leak/a.out)
==21179==    by 0x4281C6: SSL_library_init (in /home/will/src/libnetconf2leak/a.out)
==21179==    by 0x4E51BEC: nc_ssh_tls_init (session.c:1611)
==21179==    by 0x4E51CA0: nc_init (session.c:1669)
==21179==    by 0x4E580F8: nc_client_init (session_client.c:2063)

willtoth avatar May 10 '21 20:05 willtoth

Do not bother with this, if you need to check for leaks, use a suppression file for valgrind. OpenSSL did not care much for avoiding memory leaks on exit (they are intentional) and trying to free everything is a fight you cannot win, especially as it differs between version. I also remember that some function freed some dynamic memory but caused data races instead. Really, looking at this is a waste of time.

michalvasko avatar May 11 '21 08:05 michalvasko