fix(bn) memory leak in bn:to_hex

fffonion · fffonion · commit 6718e9e76a84 · 2020-01-06T15:21:49.000-08:00
diff --git a/lib/resty/openssl/bn.lua b/lib/resty/openssl/bn.lua
@@ -6,6 +6,7 @@ local ffi_str = ffi.string
 local floor = math.floor
 
 require "resty.openssl.include.bn"
+local crypto_macro = require("resty.openssl.include.crypto")
 local format_error = require("resty.openssl.err").format_error
 
 local _M = {}
@@ -50,7 +51,9 @@ function _M:to_hex()
   if buf == nil then
     return nil, format_error("bn:to_hex")
   end
-  return ffi_str(buf), nil
+  local s = ffi_str(buf)
+  crypto_macro.OPENSSL_free(buf)
+  return s, nil
 end
 
 function _M.from_binary(s)
diff --git a/lib/resty/openssl/include/crypto.lua b/lib/resty/openssl/include/crypto.lua
@@ -0,0 +1,26 @@
+local ffi = require "ffi"
+local C = ffi.C
+
+local OPENSSL_10 = require("resty.openssl.version").OPENSSL_10
+local OPENSSL_11 = require("resty.openssl.version").OPENSSL_11
+
+local OPENSSL_free
+if OPENSSL_10 then
+  ffi.cdef [[
+    void CRYPTO_free(void *ptr);
+  ]]
+  OPENSSL_free = C.CRYPTO_free
+elseif OPENSSL_11 then
+  ffi.cdef [[
+    void CRYPTO_free(void *ptr, const char *file, int line);
+  ]]
+  OPENSSL_free = function(ptr)
+    -- file and line is for debuggin only, since we can't know the c file info
+    -- the macro is expanded, just ignore this
+    C.CRYPTO_free(ptr, "", 0)
+  end
+end
+
+return {
+  OPENSSL_free = OPENSSL_free,
+}
diff --git a/t/openssl/bn.t b/t/openssl/bn.t
@@ -105,6 +105,7 @@ bn:to_binary failed
                 ngx.log(ngx.ERR, err)
                 return
             end
+            -- valgrind might warn about double free on this test because of the following
             require('ffi').C.BN_free(bn.ctx)
             local b, err = bn2:to_binary()
             if err then
