You are viewing a plain text version of this content. The canonical link for it is here.

Posted to commits@thrift.apache.org by je...@apache.org on 2021/12/06 22:01:32 UTC

[thrift] branch master updated: THRIFT-5482: Fix memory leak during SSL handshake in C++ library Client: C++

This is an automated email from the ASF dual-hosted git repository.

jensg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/thrift.git


The following commit(s) were added to refs/heads/master by this push:
     new 98be76f  THRIFT-5482: Fix memory leak during SSL handshake in C++ library Client: C++
98be76f is described below

commit 98be76fc033f1d66bcfd09d4a22b86e8061e89c2
Author: Anshul M Gupta <an...@rubrik.com>
AuthorDate: Wed Dec 1 00:59:13 2021 -0800

    THRIFT-5482: Fix memory leak during SSL handshake in C++ library
    Client: C++
---
 lib/cpp/src/thrift/transport/TSSLSocket.cpp | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
index 665f8f6..dc8fcd9 100644
--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
@@ -152,7 +152,15 @@ void cleanupOpenSSL() {
   CONF_modules_unload(1);
   EVP_cleanup();
   CRYPTO_cleanup_all_ex_data();
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+  // https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_thread_stop.html
+  OPENSSL_thread_stop();
+#else
+  // ERR_remove_state() was deprecated in OpenSSL 1.0.0 and ERR_remove_thread_state()
+  // was deprecated in OpenSSL 1.1.0; these functions and should not be used.
+  // https://www.openssl.org/docs/manmaster/man3/ERR_remove_state.html
   ERR_remove_state(0);
+#endif
   ERR_free_strings();
 
   mutexes.reset();
@@ -382,7 +390,15 @@ void TSSLSocket::close() {
     SSL_free(ssl_);
     ssl_ = nullptr;
     handshakeCompleted_ = false;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+    // https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_thread_stop.html
+    OPENSSL_thread_stop();
+#else
+    // ERR_remove_state() was deprecated in OpenSSL 1.0.0 and ERR_remove_thread_state()
+    // was deprecated in OpenSSL 1.1.0; these functions and should not be used.
+    // https://www.openssl.org/docs/manmaster/man3/ERR_remove_state.html
     ERR_remove_state(0);
+#endif
   }
   TSocket::close();
 }