[omniORB] Patch to fix leak in SSL context initialization

Peter Klotz peter.klotz at aon.at
Tue Oct 27 20:13:05 GMT 2009


Duncan Grisby wrote:
> Unfortunately, I can't apply your fix. It's documented that it is valid
> to assign values directly to the sslContext static variables (it's what
> the ssl_echo example program does too). Therefore, the pointers in
> sslContext::key_file etc., are not necessarily things that can be freed
> with CORBA::string_free.
> 
> Without changing the API (and thus breaking binary compatibility with
> the library), it's not possible to simply free the strings. The only
> option would be to maintain a flag for each string, indicating whether
> it should be freed or not. In that case, the freeing should happen in
> the initialiser detach() method.

I see.

Wouldn't it make sense to change that behavior for 4.2.x (or whatever is
next) and to make these static variables private?

Is it really necessary to have two quite different ways to set SSL
initialization parameters (setting them directly vs. using ORB_init())?

> Do you have real code that repeatedly destroys and reinitialises the
> ORB, or is it just a test?

It is production code but I can live with my patch for the time being.

Regards, Peter.




More information about the omniORB-list mailing list