diff options
author | Emilia Kasper <emilia@openssl.org> | 2016-03-12 20:46:13 +0100 |
---|---|---|
committer | Emilia Kasper <emilia@openssl.org> | 2016-03-12 21:47:01 +0100 |
commit | 8cab4e9bc73a66b64aae179db86493fd28c39b64 (patch) | |
tree | 89ff4afb8865dbc6426ee7f6197b8328d01a2cdb /crypto/init.c | |
parent | 36cc1390f265ce5f07a8841c106a6e1e7e021678 (diff) | |
download | openssl-8cab4e9bc73a66b64aae179db86493fd28c39b64.tar.gz |
Fix memory leak in library deinit
ENGINE_cleanup calls CRYPTO_free_ex_data and therefore,
CRYPTO_cleanup_all_ex_data - which cleans up the method pointers - must
run after ENGINE_cleanup.
Additionally, don't needlessly initialize the EX_CALLBACKS stack during
e.g. CRYPTO_free_ex_data. The only time this is actually needed is when
reserving the first ex data index. Specifically, since sk_num returns -1
on NULL input, the rest of the code already handles a NULL method stack
correctly.
Reviewed-by: Rich Salz <rsalz@openssl.org>
Diffstat (limited to 'crypto/init.c')
-rw-r--r-- | crypto/init.c | 13 |
1 files changed, 8 insertions, 5 deletions
diff --git a/crypto/init.c b/crypto/init.c index 1fa5e89420..d50d7f19e8 100644 --- a/crypto/init.c +++ b/crypto/init.c @@ -474,12 +474,17 @@ void OPENSSL_cleanup(void) "RAND_cleanup()\n"); #endif - CRYPTO_cleanup_all_ex_data(); - EVP_cleanup(); - CONF_modules_free(); +/* + * Note that cleanup order is important. + * For example, ENGINEs use CRYPTO_EX_DATA and therefore, must be cleaned up + * before the ex data handlers are wiped in CRYPTO_cleanup_all_ex_data(). + */ #ifndef OPENSSL_NO_ENGINE ENGINE_cleanup(); #endif + CRYPTO_cleanup_all_ex_data(); + EVP_cleanup(); + CONF_modules_free(); RAND_cleanup(); base_inited = 0; } @@ -628,5 +633,3 @@ int OPENSSL_atexit(void (*handler)(void)) return 1; } - - |