fooinha/nginx-ssl-ja3

Memory leak?

Closed this issue · 0 comments

bartebor commented

It looks like nginx is loosing memory on accepting new ssl connections.
Simple stresstest against debug version from docker shows constantly increasing memory usage.

How to reproduce using docker:

# compile nginx with ASAN disabled:
$ ./auto/configure --add-module=/build/nginx-ssl-ja3 --with-http_ssl_module --with-stream_ssl_module --with-debug --with-stream --with-cc-opt=" -O -fno-omit-frame-pointer" --with-ld-opt="-L/usr/local/lib -Wl,-E"
$ make install
$ valgrind --trace-children=yes --leak-check=full --show-leak-kinds=all nginx

# on some other terminal
wrk -c10 -t1 -d60 -H'Connection: close' https://127.0.0.1
Running 1m test @ https://127.0.0.1
  1 threads and 10 connections
  Thread Stats   Avg      Stdev     Max   +/- Stdev
    Latency    12.22ms    1.37ms  85.89ms   93.62%
    Req/Sec   123.37     15.93   141.00     95.76%
  7241 requests in 1.00m, 4.17MB read
Requests/sec:    120.48
Transfer/sec:     71.07KB

# hit Ctrl-C in nginx console:
[...]
==18042== 4,121,558 (3,644,424 direct, 477,134 indirect) bytes in 7,231 blocks are definitely lost in loss record 25 of 25
==18042==    at 0x483577F: malloc (vg_replace_malloc.c:299)
==18042==    by 0x4B8787D: CRYPTO_malloc (mem.c:222)
==18042==    by 0x4B878B0: CRYPTO_zalloc (mem.c:230)
==18042==    by 0x496CE46: SSL_SESSION_new (ssl_sess.c:72)
==18042==    by 0x49557FB: d2i_SSL_SESSION (ssl_asn1.c:254)
==18042==    by 0x499ECA8: tls_decrypt_ticket (t1_lib.c:1408)
==18042==    by 0x499E7E2: tls_get_ticket_from_client (t1_lib.c:1249)
==18042==    by 0x496DEE9: ssl_get_prev_session (ssl_sess.c:553)
==18042==    by 0x4995048: tls_early_post_process_client_hello (statem_srvr.c:1800)
==18042==    by 0x49960B7: tls_post_process_client_hello (statem_srvr.c:2218)
==18042==    by 0x4993B8A: ossl_statem_server_post_process_message (statem_srvr.c:1214)
==18042==    by 0x49802AA: read_state_machine (statem.c:661)
==18042== 
==18042== LEAK SUMMARY:
==18042==    definitely lost: 3,649,472 bytes in 7,242 blocks
==18042==    indirectly lost: 481,764 bytes in 14,520 blocks
==18042==      possibly lost: 443,066 bytes in 7 blocks
==18042==    still reachable: 11,974 bytes in 142 blocks
==18042==         suppressed: 0 bytes in 0 blocks

I tried this also on my own nginx with JA3 module with similar outcome. The same version without JA3 does not leak.