Issue #9743 has been updated by Nobuyoshi Nakada.

Description updated
Backport changed from 2.0.0: UNKNOWN, 2.1: UNKNOWN to 1.9.3: REQUIRED, 2.0.0: REQUIRED, 2.1: REQUIRED

----------------------------------------
Bug #9743: memory leak in openssl ossl_pkey_verify leaks memory
https://bugs.ruby-lang.org/issues/9743#change-46223

* Author: Joel Westerberg
* Status: Closed
* Priority: Normal
* Assignee: 
* Category: 
* Target version: 
* ruby -v: 2.1.1
* Backport: 1.9.3: REQUIRED, 2.0.0: REQUIRED, 2.1: REQUIRED
----------------------------------------
repeated calls to `pub_key.verify(digest, signature, data)` leaks memory. 

from what I can gather from the openssl documentation, there seems to be a missing call to `EVP_MD_CTX_cleanup()`

FILE: ossl_pkey.c 

~~~C
326    EVP_VerifyUpdate(&ctx, RSTRING_PTR(data), RSTRING_LEN(data));
327    switch (EVP_VerifyFinal(&ctx, (unsigned char *)RSTRING_PTR(sig), RSTRING_LENINT(sig), pkey)) {
328    case 0:
~~~

from the openssl docs:

http://www.openssl.org/docs/crypto/EVP_VerifyInit.html

> The call to `EVP_VerifyFinal()` internally finalizes a copy of the digest context. This means that calls to `EVP_VerifyUpdate()` and `EVP_VerifyFinal()` can be called later to digest and verify additional data.
> Since only a copy of the digest context is ever finalized the context must be cleaned up after use by calling `EVP_MD_CTX_cleanup()` or a memory leak will occur.




-- 
https://bugs.ruby-lang.org/