You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@thrift.apache.org by je...@apache.org on 2021/12/06 22:01:32 UTC
[thrift] branch master updated: THRIFT-5482: Fix memory leak during SSL handshake in C++ library Client: C++
This is an automated email from the ASF dual-hosted git repository.
jensg pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/thrift.git
The following commit(s) were added to refs/heads/master by this push:
new 98be76f THRIFT-5482: Fix memory leak during SSL handshake in C++ library Client: C++
98be76f is described below
commit 98be76fc033f1d66bcfd09d4a22b86e8061e89c2
Author: Anshul M Gupta <an...@rubrik.com>
AuthorDate: Wed Dec 1 00:59:13 2021 -0800
THRIFT-5482: Fix memory leak during SSL handshake in C++ library
Client: C++
---
lib/cpp/src/thrift/transport/TSSLSocket.cpp | 16 ++++++++++++++++
1 file changed, 16 insertions(+)
diff --git a/lib/cpp/src/thrift/transport/TSSLSocket.cpp b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
index 665f8f6..dc8fcd9 100644
--- a/lib/cpp/src/thrift/transport/TSSLSocket.cpp
+++ b/lib/cpp/src/thrift/transport/TSSLSocket.cpp
@@ -152,7 +152,15 @@ void cleanupOpenSSL() {
CONF_modules_unload(1);
EVP_cleanup();
CRYPTO_cleanup_all_ex_data();
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+ // https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_thread_stop.html
+ OPENSSL_thread_stop();
+#else
+ // ERR_remove_state() was deprecated in OpenSSL 1.0.0 and ERR_remove_thread_state()
+ // was deprecated in OpenSSL 1.1.0; these functions and should not be used.
+ // https://www.openssl.org/docs/manmaster/man3/ERR_remove_state.html
ERR_remove_state(0);
+#endif
ERR_free_strings();
mutexes.reset();
@@ -382,7 +390,15 @@ void TSSLSocket::close() {
SSL_free(ssl_);
ssl_ = nullptr;
handshakeCompleted_ = false;
+#if OPENSSL_VERSION_NUMBER >= 0x10100000
+ // https://www.openssl.org/docs/man1.1.1/man3/OPENSSL_thread_stop.html
+ OPENSSL_thread_stop();
+#else
+ // ERR_remove_state() was deprecated in OpenSSL 1.0.0 and ERR_remove_thread_state()
+ // was deprecated in OpenSSL 1.1.0; these functions and should not be used.
+ // https://www.openssl.org/docs/manmaster/man3/ERR_remove_state.html
ERR_remove_state(0);
+#endif
}
TSocket::close();
}