Ubuntu
stunnel4 package

Log is overflowed with messages "Possible memory leak at"

Bug #1813415 reported by Lev Petrushchak
28
This bug affects 6 people
Affects Status Importance Assigned to Milestone
stunnel4 (Ubuntu)
Confirmed
Undecided
Unassigned

Bug Description

Release: Ubuntu 18.04.1 LTS

Package version: 3:5.44-1ubuntu3

Expected: Usual messages in logs and moderate CPU usage.

What happened: Logs are overflowed with thousands of messages like these:

Jan 26 03:09:43 myhostname stunnel[886]: LOG4[2247869]: Possible memory leak at ../crypto/asn1/a_bitstr.c:117: 215309 allocations
Jan 26 03:09:43 myhostname stunnel[886]: LOG4[2247869]: Possible memory leak at ../crypto/x509/x_name.c:92: 215308 allocations
Jan 26 03:09:43 myhostname stunnel[886]: LOG4[2247869]: Possible memory leak at ../crypto/buffer/buffer.c:98: 215308 allocations
Jan 26 03:09:43 myhostname stunnel[886]: LOG4[2247869]: Possible memory leak at ../crypto/x509/x_name.c:350: 215308 allocations

And CPU usage become very high.

Fixed by restart of stunnel service but after some time it happens again.

This problem seems to be fixed in version 5.45 (please see changelog https://www.stunnel.org/sdf_ChangeLog.html), latest version now is 5.50.

Please add latest version to the repository.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in stunnel4 (Ubuntu):
status: New → Confirmed
Revision history for this message
GGrandes (ggrandes) wrote :

We have same problem, Ubuntu 18.04.4 LTS (stunnel 5.44 on x86_64-pc-linux-gnu platform):

...cut...
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/x509/x_name.c:92: 323949 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/asn1/tasn_new.c:302: 323959 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/bn/bn_lib.c:190: 215980 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/asn1/a_bitstr.c:117: 215980 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/evp/p_lib.c:142: 107992 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../ssl/ssl_sess.c:72: 107986 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../ssl/statem/extensions_clnt.c:1343: 107988 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/rsa/rsa_lib.c:52: 107985 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/asn1/tasn_utl.c:147: 107983 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/asn1/tasn_new.c:97: 107981 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/bn/bn_mont.c:232: 107987 allocations
Jul 22 09:25:42 srv stunnel[14589]: LOG4[107987]: Possible memory leak at ../crypto/stack/stack.c:198: 107975 allocations
Jul 22 09:25:49 srv systemd[1]: Stopping LSB: Start or stop stunnel 4.x (TLS tunnel for network daemons)...
Jul 22 09:25:49 srv stunnel[14576]: INTERNAL ERROR: Bad magic at ssl.c, line 117
Jul 22 09:25:49 srv stunnel4[9157]: Stopping TLS tunnels: ...cut... stopped
...cut...
Jul 22 09:25:49 srv systemd[1]: Starting LSB: Start or stop stunnel 4.x (TLS tunnel for network daemons)...
Jul 22 09:25:50 srv stunnel[9253]: LOG4[ui]: Service [foobar] uses "verifyChain" without subject checks
Jul 22 09:25:50 srv stunnel[9253]: LOG4[ui]: Use "checkHost" or "checkIP" to restrict trusted certificates
Jul 22 09:25:50 srv stunnel4[9197]: Starting TLS tunnels: ...cut... started
Jul 22 09:25:50 srv systemd[1]: Started LSB: Start or stop stunnel 4.x (TLS tunnel for network daemons).
Jul 22 09:25:52 srv stunnel[9216]: LOG2[5]: Double free attempt: ptr=0x7fb72c00c7a0 alloc=client.c:1398 free#1=client.c:1410 free#2=client.c:1410
Jul 22 09:25:54 srv stunnel[9216]: LOG2[11]: Double free attempt: ptr=0x7fb70800c7a0 alloc=client.c:1398 free#1=client.c:1410 free#2=client.c:1410
Jul 22 09:25:54 srv stunnel[9216]: LOG2[14]: Double free attempt: ptr=0x7fb70400c7a0 alloc=client.c:1398 free#1=client.c:1410 free#2=client.c:1410
Jul 22 09:26:00 srv stunnel[9216]: LOG2[17]: Double free attempt: ptr=0x7fb6fc01b1a0 alloc=client.c:1398 free#1=client.c:1410 free#2=client.c:1410
---

Revision history for this message
GGrandes (ggrandes) wrote :

And... not only logs, memory is really leaked:
---
## Before restart:
  PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
14589 root 20 0 2029276 1.460g 5016 S 1.0 75.0 18:14.70 /usr/bin/stunnel4 /etc/stunnel/foobar.conf
## After restart:
  PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
  580 root 20 0 390604 7084 5556 S 0.0 0.3 0:00.33 /usr/bin/stunnel4 /etc/stunnel/foobar.conf
---

Revision history for this message
gerald.yang (gerald-yang-tw) wrote :

it looks upgrading to 5.58 should fix the memory leak issue, from the release notes:
5.50: Fixed a memory leak in the WIN32 logging subsystem (this one should be unrelated)
5.57: Fixed memory leaks on configuration reloading errors
5.58: Fixed a tiny memory leak in configuration file reload error handling (thx to Richard Könning)

Is it possible to upgrade it to 5.58 on bionic?

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.