Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Suppress leaky memory warning in OpenSSL's error handling
The leak was reported in ClickHouse/ClickHouse#63792 - a SSL session is established - somewhere down in OpenSSL, the per-thread error queue is clear'ed - when no error queue exists (e.g. because the thread was just spawned), a new error queue is allocated - the error queue is stored in TLS, and a free handler is registered which deletes it when the thread ends - Leak sanitizer does not understand ^^ (false positive) ``` Direct leak of 9944 byte(s) in 11 object(s) allocated from: #0 0x5571bf7e04cf in malloc (/usr/bin/clickhouse+0xa39a4cf) (BuildId: 06c4931100f632dde9d0ecd3cf6a67776742e29b) #1 0x5571ecbc06be in CRYPTO_malloc build_docker/./contrib/openssl/crypto/mem.c:202:11 #2 0x5571ecbc06be in CRYPTO_zalloc build_docker/./contrib/openssl/crypto/mem.c:222:11 #3 0x5571ecb03c6a in ossl_err_get_state_int build_docker/./contrib/openssl/crypto/err/err.c:691:17 #4 0x5571ecb037b5 in ERR_clear_error build_docker/./contrib/openssl/crypto/err/err.c:339:10 #5 0x5571ec9cf0d0 in state_machine build_docker/./contrib/openssl/ssl/statem/statem.c:366:5 #6 0x5571ec90c7d4 in SSL_do_handshake build_docker/./contrib/openssl/ssl/ssl_lib.c:4746:19 #7 0x5571e70cc501 in Poco::Net::SecureSocketImpl::connectSSL(bool) build_docker/./base/poco/NetSSL_OpenSSL/src/SecureSocketImpl.cpp:206:11 #8 0x5571e70cce6b in Poco::Net::SecureSocketImpl::connect(Poco::Net::SocketAddress const&, Poco::Timespan const&, bool) build_docker/./base/poco/NetSSL_OpenSSL/src/SecureSocketImpl.cpp:149:2 openssl#9 0x5571e70d81f7 in Poco::Net::SecureStreamSocketImpl::connect(Poco::Net::SocketAddress const&, Poco::Timespan const&) build_docker/./base/poco/NetSSL_OpenSSL/src/SecureStreamSocketImpl.cpp:87:8 openssl#10 0x5571e0ca708a in DB::Connection::connect(DB::ConnectionTimeouts const&) build_docker/./src/Client/Connection.cpp:158:29 ```
- Loading branch information