Kssl_calloc calls openssl_malloc which means the data must be free'd with openssl_free. And in debug builds any non-free'd data is a leak and reported. Ton line 875 the data is allocated and never free'd, so it skips the leak detection. In some of those other places, perhaps it's because the KRB API needs something it can free or realloc? I'm not sure. -- Senior Architect, Akamai Technologies IM: richsalz at jabber.at Twitter: RichSalz