memory leak on macOS M1

[myudaZS]

I did this

Hi,

I ran the following code which cause memory leaks after curl_easy_cleanup(hnd); was called. The memory leaks are identified using XCode instruments.

void CallCurl() {   
    CURL *hnd;
    hnd = curl_easy_init();
    curl_easy_setopt(hnd, CURLOPT_URL, "https://www.google.com");
    curl_easy_perform(hnd);
    curl_easy_cleanup(hnd);
}

I expected the following

I expected no memory leaks and instead i received the following leaks.

serialize_ECPublicKey
ECDSA_do_verify_new
ossl_ecdsa_verify
EVP_DigestVerifyFinal
tls13_server_certificate_verify_recv
tls13_handshake_perform
tls13_legacy_connect
ossl_connect_common
ssl_cf_connect
cf_setup_connect
cf_hc_connect
Curl_conn_connect
multi_runsingle
curl_multi_perform
curl_easy_perform
CallCurl()
main
start

ccMallocECCryptor
CCECCryptorImportKey
ECDSA_do_verify_new
ossl_ecdsa_verify
EVP_DigestVerifyFinal
tls13_server_certificate_verify_recv
tls13_handshake_perform
tls13_legacy_connect
ossl_connect_common
ssl_cf_connect
cf_setup_connect
cf_hc_connect
Curl_conn_connect
multi_runsingle
curl_multi_perform
curl_easy_perform
CallCurl()
main
start

ccMallocECCryptor
CCECCryptorImportKey
ECDSA_do_verify_new
ossl_ecdsa_verify
EVP_DigestVerifyFinal
tls13_server_certificate_verify_recv
tls13_handshake_perform
tls13_legacy_connect
ossl_connect_common
ssl_cf_connect
cf_setup_connect
cf_hc_connect
Curl_conn_connect
multi_runsingle
curl_multi_perform
curl_easy_perform
CallCurl()
main
start

curl/libcurl version

curl 8.1.2 (x86_64-apple-darwin23.0) libcurl/8.1.2 (SecureTransport) LibreSSL/3.3.6 zlib/1.2.12 nghttp2/1.55.1
macOS shipped lib of curl.

operating system

sonoma 14.1.1 M1 amcOS.

[icing]

These are all allocations inside the TLS library, in your case LibreSSL. Did your code run curl_global_cleanup(); at the end? Because that internally calls the LibreSSL cleanup functions that should free the allocations reported by you.

[myudaZS]

I tried calling curl_global_cleanup at the end, and i still get memory leaks:

    CURL *hnd;
    hnd = curl_easy_init();
    curl_easy_setopt(hnd, CURLOPT_URL, "https://www.google.com");
    curl_easy_perform(hnd);
    curl_easy_cleanup(hnd);
    curl_global_cleanup();

Memory leaks from instruments:

ccMallocECCryptor	
CCECCryptorImportKey	
ECDSA_do_verify_new	
ossl_ecdsa_verify	
EVP_DigestVerifyFinal	
tls13_server_certificate_verify_recv	
tls13_handshake_perform	
tls13_legacy_connect	
ossl_connect_common	
ssl_cf_connect	
cf_setup_connect	
cf_hc_connect	
Curl_conn_connect	
multi_runsingle	
curl_multi_perform	
curl_easy_perform	
main	
start

[jay]

curl 8.1.2 (x86_64-apple-darwin23.0) libcurl/8.1.2 (SecureTransport) LibreSSL/3.3.6 zlib/1.2.12 nghttp2/1.55.1

Please try the latest curl. There have been some changes to the way libcurl handles LibreSSL 2.7.0+ init/deinit in the last few versions.

/cc @vszakats

[myudaZS]

On latest curl (8.6) the leak doesn't reproduce, however i want to use specifically the curl that is shipped with macOS.

[jay]

We can't do anything about that. If an OS wants to maintain an older version then it's up to them to do that. You can use Apple's feedback assistant but aside from that I don't know what else.

[bagder]

If 8.6.0 doesn't leak, then the problem is already fixed and our job is done.

[vszakats]

Refs:
bec0c5b
#11611
9f2d229
#12525
#12526