p5-net-ssleay

Memory leak detected by AddressSanitizer

Open nataraj-hates-MS-for-stealing-github opened this issue 1 year ago • 6 comments

Hi! I decided to test perl modules built with AddressSanitizer. I did not get very far, as I found out that Net::SSLeay fails tests when built with ASan. And it is needed for sending test reports :-)

How to reproduce:

  1. Build perl with ASan. With perlbrew it would be like this:

     ```
     perlbrew install -Dcc=clang-16 -Accflags="-fsanitize=address" -Aldflags="-fsanitize=address" -DEBUGGING=both  -v perl-5.38.2 --as=5.38.2-asan-debug
     ```

  2. Using that perl, install all Net::SSLeay dependencies from CPAN, and build Net::SSLeay itself. You will see that the tests fail.

  3. Try to run the following script using the Net::SSLeay built in p.2:

```perl
use strict;
use Symbol qw(gensym);
use Net::SSLeay::Handle;

my @uris = ('ya.ru', 'google.com');
#my @uris = ('google.com');

for my $uri (@uris)
{
  my $ssl = gensym();
  tie(*$ssl, "Net::SSLeay::Handle", $uri, 443);
  print $ssl "GET / HTTP/1.0\r\n\r\n";

  my $response = do { local $/ = undef; <$ssl> };
}
```

You will see that this script will cause memory leak reports if you've read from two sockets in a row. And it will behave nicely if only one socket is used (you need to use the commented alternative @uris line). The key to the problem is reading from the socket. If you just write to it without reading, it will not lead to leaks.

I have not dug into that problem yet; I've just found a solid way to reproduce it. I suspect that some kind of OPENSSL_init_ssl is called twice, or something like that.

You know that code better than me, so you have better chances to find the origin of the problem. But I will give it another try soon, I hope.