While investigating a memory leak in our application, I discovered that "sslctx_function" callback that was implemented following the cacertinmem.c sample was causing it.
After X509_STORE_add_cert, X509_free(cert) should be called, as X509_STORE_add_cert increments reference count. Also, BIO_free(bio) must be called.
Thanks! Any chance you can provide a patch for your suggested fix?
Of course. Attached is a modified sample, search for text "LEAKFIX".
How to debug:
- cert->references is 1 before call to X509_STORE_add_cert, and 2 after a
call. So we need to call X509_free(cert) to decrease the cert->reference
back to 1 (referenced from X509 store).
- BIO_new_mem_buf returns new "bio" stream, BIO_free call is missing. BIO
objects are also reference counted, so BIO_free decreases the count to 0
and deletes the object.
Regards,
Marko
Last edit: Daniel Stenberg 2014-05-09
Did you forget to attach the fixed example?
Sorry, I replied to a mail and it seems that attachments were removed by mailing list.
Execellent and thanks a lot! The fix has been committed and pushed. Case closed!