Bugs item #2926284, was opened at 2010-01-05 16:06
Message generated for change (Settings changed) made by bagder
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=2926284&group_id=976

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: libcurl
Group: None
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Johan van Selst (koresh)
Assigned to: Daniel Stenberg (bagder)
Summary: [patch] Reference count leak in OpenSSL session re-use

Initial Comment:
ossl_connect_step3() increments an SSL session handle reference counter on each call. When sessions are re-used this reference counter may be incremented many times, but it will be decremented only once when done (by Curl_ossl_session_free()); and the internal OpenSSL data will not be freed if this reference count remains positive. When a session is re-used the reference counter should be corrected by explicitly calling SSL_SESSION_free() after each consecutive SSL_get1_session() to avoid introducing a memory leak.

----------------------------------------------------------------------

Comment By: Daniel Stenberg (bagder)
Date: 2010-01-09 00:45

Message:
Thanks for the report, this problem is now fixed in CVS!

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100976&aid=2926284&group_id=976
Received on 2010-01-09