Skip to content

Memory leak in the afalg engine #16743

New issue
New issue
Closed
Closed
Memory leak in the afalg engine#16743
Labels
branch: 1.1.1Applies to OpenSSL_1_1_1-stable branch (EOL)branch: 3.0Applies to openssl-3.0 branchbranch: masterApplies to master branchtriaged: bugThe issue/pr is/fixes a bug
@bernd-edlinger

Description

@bernd-edlinger
bernd-edlinger
opened on Oct 4, 2021

This slightly modified test case exhibits a memory leak in the afalg engine (both master & 1.1.1):

#include <openssl/engine.h>
#include <openssl/evp.h>

int main()
{
  ENGINE *e;
  const EVP_CIPHER * cipher;
  EVP_CIPHER_CTX *ctx;

  OPENSSL_init_crypto(OPENSSL_INIT_ENGINE_DYNAMIC, NULL);
  e = ENGINE_by_id("afalg");
  if (e == NULL)
    return 1;
  if (!ENGINE_init(e)) 
    goto err;
  cipher = ENGINE_get_cipher(e, NID_aes_128_cbc);
  ctx = EVP_CIPHER_CTX_new();
  if (cipher != NULL && ctx != NULL)
    {
       int rv = EVP_EncryptInit_ex(ctx, cipher, e, NULL, NULL);
       printf("EncryptInit=%d\n", rv);
    }
  EVP_CIPHER_CTX_free(ctx);
  ENGINE_finish(e);
err:
  ENGINE_remove(e);
  ENGINE_free(e);
  return 0;
}

may result in a memory leak as follows:

$ LD_LIBRARY_PATH=.:$LD_LIBRARY_PATH OPENSSL_ENGINES=engines ./a.out 
EncryptInit=1

=================================================================
==8676==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 200 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea67bd1c8 in ENGINE_new crypto/engine/eng_lib.c:32
    #3 0x7f4ea67be906 in ENGINE_by_id crypto/engine/eng_list.c:310
    #4 0x7f4ea67bedba in ENGINE_by_id crypto/engine/eng_list.c:331
    #5 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #6 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Direct leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea6822183 in evp_cipher_init_internal crypto/evp/evp_enc.c:294
    #3 0x7f4ea68228ae in EVP_CipherInit_ex crypto/evp/evp_enc.c:398
    #4 0x4012a6 in main /home/ed/OPC/openssl/test.c:20
    #5 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 88 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea67baefe in dynamic_set_data_ctx crypto/engine/eng_dyn.c:159
    #3 0x7f4ea67baefe in dynamic_get_data_ctx crypto/engine/eng_dyn.c:234
    #4 0x7f4ea67baefe in dynamic_ctrl crypto/engine/eng_dyn.c:299
    #5 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #6 0x7f4ea67bedda in ENGINE_by_id crypto/engine/eng_list.c:332
    #7 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #8 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 80 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea6713194 in DSO_new_method crypto/dso/dso_lib.c:27
    #3 0x7f4ea67bb0bb in dynamic_load crypto/engine/eng_dyn.c:410
    #4 0x7f4ea67bb0bb in dynamic_ctrl crypto/engine/eng_dyn.c:344
    #5 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #6 0x7f4ea67bee51 in ENGINE_by_id crypto/engine/eng_list.c:337
    #7 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #8 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea68a5f40 in CRYPTO_THREAD_lock_new crypto/threads_pthread.c:38
    #3 0x7f4ea671321f in DSO_new_method crypto/dso/dso_lib.c:41
    #4 0x7f4ea67bb0bb in dynamic_load crypto/engine/eng_dyn.c:410
    #5 0x7f4ea67bb0bb in dynamic_ctrl crypto/engine/eng_dyn.c:344
    #6 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #7 0x7f4ea67bee51 in ENGINE_by_id crypto/engine/eng_list.c:337
    #8 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #9 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea6987885 in sk_reserve crypto/stack/stack.c:192
    #3 0x7f4ea6987885 in OPENSSL_sk_insert crypto/stack/stack.c:254
    #4 0x7f4ea67bb74c in dynamic_ctrl crypto/engine/eng_dyn.c:364
    #5 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #6 0x7f4ea67bee16 in ENGINE_by_id crypto/engine/eng_list.c:334
    #7 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #8 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea6987885 in sk_reserve crypto/stack/stack.c:192
    #3 0x7f4ea6987885 in OPENSSL_sk_insert crypto/stack/stack.c:254
    #4 0x7f4ea6885670 in CRYPTO_set_ex_data crypto/ex_data.c:477
    #5 0x7f4ea67bb89a in dynamic_set_data_ctx crypto/engine/eng_dyn.c:180
    #6 0x7f4ea67bb89a in dynamic_get_data_ctx crypto/engine/eng_dyn.c:234
    #7 0x7f4ea67bb89a in dynamic_ctrl crypto/engine/eng_dyn.c:299
    #8 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #9 0x7f4ea67bedda in ENGINE_by_id crypto/engine/eng_list.c:332
    #10 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #11 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea698926e in OPENSSL_sk_new_reserve crypto/stack/stack.c:221
    #3 0x7f4ea6885734 in CRYPTO_set_ex_data crypto/ex_data.c:470
    #4 0x7f4ea67bb89a in dynamic_set_data_ctx crypto/engine/eng_dyn.c:180
    #5 0x7f4ea67bb89a in dynamic_get_data_ctx crypto/engine/eng_dyn.c:234
    #6 0x7f4ea67bb89a in dynamic_ctrl crypto/engine/eng_dyn.c:299
    #7 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #8 0x7f4ea67bedda in ENGINE_by_id crypto/engine/eng_list.c:332
    #9 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #10 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea698926e in OPENSSL_sk_new_reserve crypto/stack/stack.c:221
    #3 0x7f4ea67baf13 in dynamic_set_data_ctx crypto/engine/eng_dyn.c:166
    #4 0x7f4ea67baf13 in dynamic_get_data_ctx crypto/engine/eng_dyn.c:234
    #5 0x7f4ea67baf13 in dynamic_ctrl crypto/engine/eng_dyn.c:299
    #6 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #7 0x7f4ea67bedda in ENGINE_by_id crypto/engine/eng_list.c:332
    #8 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #9 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea6987885 in sk_reserve crypto/stack/stack.c:192
    #3 0x7f4ea6987885 in OPENSSL_sk_insert crypto/stack/stack.c:254
    #4 0x7f4ea6712bdc in dlfcn_load crypto/dso/dso_dlfcn.c:127
    #5 0x7f4ea6713a3a in DSO_load crypto/dso/dso_lib.c:161
    #6 0x7f4ea67bb4f4 in int_load crypto/engine/eng_dyn.c:394
    #7 0x7f4ea67bb4f4 in dynamic_load crypto/engine/eng_dyn.c:421
    #8 0x7f4ea67bb4f4 in dynamic_ctrl crypto/engine/eng_dyn.c:344
    #9 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #10 0x7f4ea67bee51 in ENGINE_by_id crypto/engine/eng_list.c:337
    #11 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #12 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea6888881 in CRYPTO_zalloc crypto/mem.c:191
    #2 0x7f4ea698926e in OPENSSL_sk_new_reserve crypto/stack/stack.c:221
    #3 0x7f4ea67131a5 in DSO_new_method crypto/dso/dso_lib.c:32
    #4 0x7f4ea67bb0bb in dynamic_load crypto/engine/eng_dyn.c:410
    #5 0x7f4ea67bb0bb in dynamic_ctrl crypto/engine/eng_dyn.c:344
    #6 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #7 0x7f4ea67bee51 in ENGINE_by_id crypto/engine/eng_list.c:337
    #8 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #9 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 17 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea671283d in dlfcn_name_converter crypto/dso/dso_dlfcn.c:267
    #2 0x7f4ea6713dd9 in DSO_convert_filename crypto/dso/dso_lib.c:298
    #3 0x7f4ea6712b0a in dlfcn_load crypto/dso/dso_dlfcn.c:100
    #4 0x7f4ea6713a3a in DSO_load crypto/dso/dso_lib.c:161
    #5 0x7f4ea67bb4f4 in int_load crypto/engine/eng_dyn.c:394
    #6 0x7f4ea67bb4f4 in dynamic_load crypto/engine/eng_dyn.c:421
    #7 0x7f4ea67bb4f4 in dynamic_ctrl crypto/engine/eng_dyn.c:344
    #8 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #9 0x7f4ea67bee51 in ENGINE_by_id crypto/engine/eng_list.c:337
    #10 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #11 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 17 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea688a89f in CRYPTO_strdup crypto/o_str.c:24
    #2 0x7f4ea6713883 in DSO_set_filename crypto/dso/dso_lib.c:253
    #3 0x7f4ea6713883 in DSO_set_filename crypto/dso/dso_lib.c:240
    #4 0x7f4ea67139db in DSO_load crypto/dso/dso_lib.c:148
    #5 0x7f4ea67bb4f4 in int_load crypto/engine/eng_dyn.c:394
    #6 0x7f4ea67bb4f4 in dynamic_load crypto/engine/eng_dyn.c:421
    #7 0x7f4ea67bb4f4 in dynamic_ctrl crypto/engine/eng_dyn.c:344
    #8 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #9 0x7f4ea67bee51 in ENGINE_by_id crypto/engine/eng_list.c:337
    #10 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #11 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 9 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea67128a2 in dlfcn_name_converter crypto/dso/dso_dlfcn.c:267
    #2 0x7f4ea6713dd9 in DSO_convert_filename crypto/dso/dso_lib.c:298
    #3 0x7f4ea67bb7f9 in dynamic_load crypto/engine/eng_dyn.c:419
    #4 0x7f4ea67bb7f9 in dynamic_ctrl crypto/engine/eng_dyn.c:344
    #5 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #6 0x7f4ea67bee51 in ENGINE_by_id crypto/engine/eng_list.c:337
    #7 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #8 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 8 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea688a89f in CRYPTO_strdup crypto/o_str.c:24
    #2 0x7f4ea67bb715 in dynamic_ctrl crypto/engine/eng_dyn.c:359
    #3 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #4 0x7f4ea67bee16 in ENGINE_by_id crypto/engine/eng_list.c:334
    #5 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #6 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

Indirect leak of 6 byte(s) in 1 object(s) allocated from:
    #0 0x7f4ea6e5a577 in __interceptor_malloc ../../../../gcc-trunk/libsanitizer/asan/asan_malloc_linux.cpp:129
    #1 0x7f4ea688a89f in CRYPTO_strdup crypto/o_str.c:24
    #2 0x7f4ea67bb98a in dynamic_ctrl crypto/engine/eng_dyn.c:332
    #3 0x7f4ea67baafa in ENGINE_ctrl_cmd_string crypto/engine/eng_ctrl.c:324
    #4 0x7f4ea67bedda in ENGINE_by_id crypto/engine/eng_list.c:332
    #5 0x401236 in main /home/ed/OPC/openssl/test.c:11
    #6 0x7f4ea6021f44 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x21f44)

SUMMARY: AddressSanitizer: 801 byte(s) leaked in 16 allocation(s).

Metadata

Metadata

Assignees

No one assigned

    Labels

    branch: 1.1.1Applies to OpenSSL_1_1_1-stable branch (EOL)branch: 3.0Applies to openssl-3.0 branchbranch: masterApplies to master branchtriaged: bugThe issue/pr is/fixes a bug

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions