Hi,

We're using NSS inside a Windows app for encrypted communication. Everything works fine, but we're experiencing a large number of memory leaks. Tracking down the cause led me to the following stacktrace (among many others):

nspr4.dll!PR_Malloc(unsigned int size=2135) Line 495 + 0xa C
plds4.dll!PL_ArenaAllocate(PLArenaPool * pool=0x03b4abc8, unsigned int nb=2112) Line 214 + 0xa C
nss3.dll!PORT_ArenaAlloc(PLArenaPool * arena=0x03b4abc8, unsigned int size=2108) Line 243 + 0x49 C
nss3.dll!CERT_DecodeDERCertificate(SECItemStr * derSignedCert=0x0012da80, int copyDER=1, char * nickname=0x00000000) Line 843 + 0x10 C
nss3.dll!nssDecodedPKIXCertificate_Create(NSSArenaStr * arenaOpt=0x00000000, NSSItemStr * encoding=0x03acbb74) Line 469 + 0xd C
nss3.dll!stan_GetCERTCertificate(NSSCertificateStr * c=0x03acbb48, int forceUpdate=0) Line 783 + 0xe C
nss3.dll!STAN_GetCERTCertificate(NSSCertificateStr * c=0x03acbb48) Line 837 + 0xb C
nss3.dll!convert_cert(NSSCertificateStr * c=0x03acbb48, void * arg=0x0012db4c) Line 92 + 0x9 C
nss3.dll!nssPKIObjectCollection_Traverse(nssPKIObjectCollectionStr * collection=0x03a31680, nssPKIObjectCallback * callback=0x0012db1c) Line 897 + 0x13 C
nss3.dll!NSSTrustDomain_TraverseCertificates(NSSTrustDomainStr * td=0x0241a870, PRStatus (NSSCertificateStr *, void *)* callback=0x03cdf4c0, void * arg=0x0012db4c) Line 1080 + 0xd C
nss3.dll!PK11_TraverseSlotCerts(_SECStatus (CERTCertificateStr *, SECItemStr *, void *)* callback=0x03ccd350, void * arg=0x0244b388, void * wincx=0x00000000) Line 547 + 0x12 C
nss3.dll!CERT_GetSSLCACerts(NSSTrustDomainStr * handle=0x0241a870) Line 631 + 0x10 C
ssl3.dll!SSL_ConfigSecureServer(PRFileDesc * fd=0x023f18a8, CERTCertificateStr * cert=0x0243b348, SECKEYPrivateKeyStr * key=0x02449a80, SSLKEAType kea=ssl_kea_rsa) Line 694 + 0xf C
pipnss.dll!nsSSLIOLayerListen(PRFileDesc * fd=0x023f18a8, int backlog=5) Line 1387 + 0x16 C++
nspr4.dll!PR_Listen(PRFileDesc * fd=0x023f18a8, int backlog=5) Line 214 + 0x10 C

So basically we are creating a new SSL socket with NSISocketProvider::NewSocket, then calling PR_Listen for the socket. In the above stacktrace, the NSPR listen code calls the NSS code to "traverse" the certificates. This results in a call to convert_cert, which calls STAN_GetCERTCertificate. This causes the creation of a new certificate (as near as I can see) with memory allocated by the arena pool code. I can't see who is responsible for freeing this certificate (or rather the underlying memory block in the arena pool), but it does not appear to be freed ever.

Are we doing something obviously wrong? When and where are these certificates meant to be freed?

Thanks in advance,
Matt
_______________________________________________
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
