T230: OpenSSL memory sanity check
Description
Originally reported by Jakuje: https://bugs.libssh.org/T230
OpenSSL supportes memory debugging (requires rebuild of openssl with crypto-mdebug
), which can capture corner cases of allocating something through openssl function and freeing it using normal free()
or vice versa. These errors generally do not cause any issues in production systems, but could fail in picky debuggers or on different platforms.
It would be nice to have CI target that could rebuild openssl with crypto-debug
support and plug into libssh tests CRYPTO_set_mem_debug()
and CRYPTO_mem_leaks()
functions to track OpenSSL inconsistencies.
https://www.openssl.org/docs/manmaster/man3/OPENSSL_malloc.html
Comments:
sahanaprasad07 commented on 2020-11-19 16:36:07 UTC:
@Jakuje Do you think we should address this in libssh 1.0.0? we could also look into some similiar support in OpenSSL3.0, when we add support for it.
Jakuje commented on 2020-11-19 19:04:02 UTC:
This could be a nice exercise when getting familiar with openssl :) It makes sense to do it with openssl 3.0 more than with the 1.1.1, but as written in the description, it does not have a potential to finding many bugs with high impact.