On Sun, Feb 12, 2017 at 07:24:48PM +0100, Matthias Andree wrote: > It's not documented to free anything, and it doesn't zero out the > pointer, and with OpenSSL 1.0.2, valgrind does not complain about > freeing free memory. > > Unfortunately OpenSSL (ab)uses #define preprocessor macros with > concatenation (##) for the poor man's generic programming, and that > makes it hard to trace, you need to look for PEM_ASN1_read in > crypto/pem/pem_lib.c, which calls upon PEM_ASN1_read_bio from > .../pem_oth.c, and then PEM_bytes_read_bio again from pem_lib.c, and > there I'm losing track while chasing down the d2i implementation.
Thank you Matthias, that's really helpful. Even just reading PEM_ASN1_read_bio(), it looks pretty clear that it isn't freeing anything at the end of file. Combined with your valgrind debugging, it looks pretty safe to change. So I'm going to commit your last version and change check_certificate_by_digest() to do the same. -- Kevin J. McCarthy GPG Fingerprint: 8975 A9B3 3AA3 7910 385C 5308 ADEF 7684 8031 6BDA
signature.asc
Description: PGP signature
