worker process and memory leak ?

[Igor Sysoev]

On Sun, Apr 27, 2008 at 07:01:54PM +0200, Chavelle Vincent wrote:

> Visibly, there is another memory leak when ssl_verify_client is also 
> activate.
> 
>  21,440 bytes in 80 blocks are definitely lost in loss record 6 of 8
>     at 0x4022AB8: malloc (vg_replace_malloc.c:207)
>     by 0x430448D: (within /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x4304AEE: CRYPTO_malloc (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x436113C: BUF_MEM_grow (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x439E9B2: X509_NAME_oneline (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x8069962: ngx_http_ssl_verify_callback (ngx_event_openssl.c:305)
>     by 0x43A086C: (within /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x43A15F8: X509_verify_cert (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x42AB922: ssl_verify_cert_chain (in 
> /usr/lib/i686/cmov/libssl.so.0.9.8)
>     by 0x428C9F9: ssl3_get_client_certificate (in 
> /usr/lib/i686/cmov/libssl.so.0.9.8)
>     by 0x4290381: ssl3_accept (in /usr/lib/i686/cmov/libssl.so.0.9.8)
>     by 0x42A78C9: SSL_accept (in /usr/lib/i686/cmov/libssl.so.0.9.8)
> 
>  268 bytes in 1 blocks are possibly lost in loss record 5 of 9
>     at 0x4022AB8: malloc (vg_replace_malloc.c:207)
>     by 0x430448D: (within /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x4304AEE: CRYPTO_malloc (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x436113C: BUF_MEM_grow (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x439E9B2: X509_NAME_oneline (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x806998D: ngx_http_ssl_verify_callback (ngx_event_openssl.c:308)
>     by 0x43A086C: (within /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x43A15F8: X509_verify_cert (in 
> /usr/lib/i686/cmov/libcrypto.so.0.9.8)
>     by 0x42AB922: ssl_verify_cert_chain (in 
> /usr/lib/i686/cmov/libssl.so.0.9.8)
>     by 0x428C9F9: ssl3_get_client_certificate (in 
> /usr/lib/i686/cmov/libssl.so.0.9.8)
>     by 0x4290381: ssl3_accept (in /usr/lib/i686/cmov/libssl.so.0.9.8)
>     by 0x42A729C: SSL_do_handshake (in 
> /usr/lib/i686/cmov/libssl.so.0.9.8)
> 
> Igor, I hope that this debug output will help you to solve the problem

Try the attached patch.


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/event/ngx_event_openssl.c
===================================================================
--- src/event/ngx_event_openssl.c	(revision 1295)
+++ src/event/ngx_event_openssl.c	(working copy)
@@ -312,6 +312,8 @@
                    "subject:\"%s\",issuer: \"%s\"",
                    ok, err, depth, subject, issuer);
 
+    X509_free(cert);
+
     return 1;
 }