cURL / Mailing Lists / curl-library / Single Mail

curl-library

Re: known memory leaks in libcurl 4.1.0

From: Wei Weng <wweng_at_acedsl.com>
Date: Thu, 02 Oct 2008 13:08:30 -0400

Phil Pellouchoud wrote:
> Hi,
>
>
>
> I am using libcurl 4.1.0 and I was wondering if there are known memory
> leaks in the libcrypto.so.0.9.8g that it is depending on.
>
>
>
> The reason I ask is because I’m using valgrind (which is totally awesome
> by the way) and it’s reporting the following leaks:
>
>
>
> ==11465== 4,471 bytes in 263 blocks are definitely lost in loss record 2
> of 2
>
> ==11465== at 0x4006B1E: malloc (vg_replace_malloc.c:207)
>
> ==11465== by 0x6DC24CD: (within /lib/libcrypto.so.0.9.8g)
>
> ==11465== by 0x6DC2B4E: CRYPTO_malloc (in /lib/libcrypto.so.0.9.8g)
>
> ==11465== by 0x6E16785: BUF_strndup (in /lib/libcrypto.so.0.9.8g)
>
> ==11465== by 0x6E16813: BUF_strdup (in /lib/libcrypto.so.0.9.8g)
>
> ==11465== by 0x6F5587E: ssl3_ctrl (in /lib/libssl.so.0.9.8g)
>
> ==11465== by 0x6F6713F: SSL_ctrl (in /lib/libssl.so.0.9.8g)
>
> ==11465== by 0x41C5220: ossl_connect_common (ssluse.c:1463)
>
> ==11465== by 0x41C5542: Curl_ossl_connect (ssluse.c:1859)
>
> ==11465== by 0x41D6ABA: Curl_ssl_connect (sslgen.c:213)
>
> ==11465== by 0x41B6000: Curl_http_connect (http.c:1719)
>
> ==11465== by 0x41BCC18: Curl_protocol_connect (url.c:2803)
>
>
>
> It may be possible (quite likely in fact J) that I’m not using the
> libcurl API correctly or forgetting something; but I thought I’d throw
> this out there in case someone knows off hand.
>
>
>
> -phil
>

I think Daniel should put this valgrind issue in part of the curl FAQ or
something.

http://curl.haxx.se/mail/lib-2008-02/0219.html

It says:

-- begin quote --

> Lots of these OpenSSL-related valgrind errors are known issues due to
> actions openssl does on purpose that valgrind just doesn't think is kosher.
>
> The *proper* thing to do would be to add a filter to valgrind that
> ignores these particular known and acknowledged false positives, but
> that might be a bit annoying as I'm sure things differ slightly between
> openssl releases etc.
>
Those are known (hacks for randomness).
You could build openssl with -DPURIFY.
Should stop the bogus warnings.

-- end quote --

Thanks
Wei
Received on 2008-10-02