On 09/26/2016 11:01 AM, Salz, Rich wrote: > Kssl_calloc calls openssl_malloc which means the data must be free'd with openssl_free. And in debug builds any non-free'd data is a leak and reported. Ton line 875 the data is allocated and never free'd, so it skips the leak detection. In some of those other places, perhaps it's because the KRB API needs something it can free or realloc? I'm not sure. > It doesn't look like the allocated memory is used as input to a krb5 routine, so I think it's just a bug. -Ben -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20160926/5bba8760/attachment.html>