Running the attached program under valgrind I get:
==1836773== 11,979 (9,504 direct, 2,475 indirect) bytes in 99 blocks are definitely lost in loss record 23 of 23
==1836773== at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1836773== by 0x4DBE26D: CRYPTO_zalloc (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1836773== by 0x4E31134: X509_LOOKUP_meth_new (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1836773== by 0x10930C: make_store (test.c:26)
==1836773== by 0x1093B9: main (test.c:50)
==1836773== at 0x4848899: malloc (in /usr/libexec/valgrind/vgpreload_memcheck-amd64-linux.so)
==1836773== by 0x4DBE26D: CRYPTO_zalloc (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1836773== by 0x4E31134: X509_LOOKUP_meth_new (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1836773== by 0x10930C: make_store (test.c:26)
==1836773== by 0x1093B9: main (test.c:50)
If I call X509_LOOKUP_meth_free where I have it commented out then I get:
==1837066== Invalid read of size 8
==1837066== at 0x4E2E74D: X509_LOOKUP_shutdown (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1837066== by 0x4E368B7: X509_STORE_free (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1837066== by 0x10940E: main (test.c:52)
==1837066== at 0x4E2E74D: X509_LOOKUP_shutdown (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1837066== by 0x4E368B7: X509_STORE_free (in /usr/lib/x86_64-linux-gnu/libcrypto.so.3)
==1837066== by 0x10940E: main (test.c:52)
Am I doing something wrong, or is this a bug in X509_STORE_free?
--
Chris Bare
#include <openssl/x509_vfy.h>
static int
dir_ctrl (X509_LOOKUP * ctx, int cmd, const char *argp, long argl, char **retp)
{
return 0;
}
static int
get_cert_by_subject (X509_LOOKUP * xl, X509_LOOKUP_TYPE type, const X509_NAME * name, X509_OBJECT * ret)
{
return 0;
}
X509_STORE *
make_store ()
{
X509_LOOKUP *lookup = NULL;
X509_VERIFY_PARAM *vpm = NULL;
X509_LOOKUP_METHOD *lm = NULL;
X509_STORE *store = NULL;
store = X509_STORE_new ();
//lm = javX509_LOOKUP_DB ();
lm = X509_LOOKUP_meth_new ("Load certs from database");
X509_LOOKUP_meth_set_ctrl (lm, dir_ctrl);
X509_LOOKUP_meth_set_get_by_subject (lm, get_cert_by_subject);
lookup = X509_STORE_add_lookup (store, lm);
X509_LOOKUP_meth_free (lm);
vpm = X509_VERIFY_PARAM_new ();
X509_VERIFY_PARAM_set_flags (vpm, X509_V_FLAG_X509_STRICT);
X509_STORE_set1_param (store, vpm);
X509_VERIFY_PARAM_free (vpm);
return store;
}
int
main ()
{
X509_STORE *store = NULL;
int i;
for (i = 0; i < 99; i++)
{
store = make_store ();
printf ("made store %d\n", i);
X509_STORE_free (store);
printf ("free store %d\n", i);
}
return 0;
}
