Use CRYPTO_push_info to find a memory leak in pkcs12.c.

CHANGES

@@ -436,8 +436,11 @@
 
   *) Add the possibility to add extra information to the memory leak
      detecting output, to form tracebacks, showing from where each
-     allocation was originated.  Also updated sid code to be multi-
-     thread-safe.
+     allocation was originated: CRYPTO_push_info("constant string") adds
+     the string plus current file name and line number to a per-thread
+     stack, CRYPTO_pop_info() does the obvious, CRYPTO_remove_all_info()
+     is like calling CYRPTO_pop_info() until the stack is empty.
+     Also updated memory leak detection code to be multi-thread-safe.
      [Richard Levitte]
 
   *) Add options -text and -noout to pkcs7 utility and delete the
@@ -473,11 +476,11 @@
      for all purposes.
      [Steve Henson]
 
-  *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).  The
-     problem was that one of the replacement routines had not been working since
-     SSLeay releases.  For now the offending routine has been replaced with
-     non-optimised assembler.  Even so, this now gives around 95% performance
-     improvement for 1024 bit RSA signs.
+  *) Fix assembler for Alpha (tested only on DEC OSF not Linux or *BSD).
+     The problem was that one of the replacement routines had not been working
+     since SSLeay releases.  For now the offending routine has been replaced
+     with non-optimised assembler.  Even so, this now gives around 95%
+     performance improvement for 1024 bit RSA signs.
      [Mark Cox]
 
   *) Hack to fix PKCS#7 decryption when used with some unorthodox RC2 

apps/pkcs12.c

@@ -61,6 +61,7 @@
 #include <stdio.h>
 #include <stdlib.h>
 #include <string.h>
+#include <openssl/crypto.h>
 #include <openssl/des.h>
 #include <openssl/pem.h>
 #include <openssl/err.h>
@@ -264,6 +265,10 @@ int MAIN(int argc, char **argv)
 
     ERR_load_crypto_strings();
 
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("read files");
+#endif
+
     if (!infile) in = BIO_new_fp(stdin, BIO_NOCLOSE);
     else in = BIO_new_file(infile, "rb");
     if (!in) {
@@ -289,6 +294,11 @@ int MAIN(int argc, char **argv)
 	}
      }
 
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+    CRYPTO_push_info("write files");
+#endif
+
     if (!outfile) out = BIO_new_fp(stdout, BIO_NOCLOSE);
     else out = BIO_new_file(outfile, "wb");
     if (!out) {
@@ -298,11 +308,17 @@ int MAIN(int argc, char **argv)
 	goto end;
     }
     if (twopass) {
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("read MAC password");
+#endif
 	if(EVP_read_pw_string (macpass, 50, "Enter MAC Password:", export_cert))
 	{
     	    BIO_printf (bio_err, "Can't read Password\n");
     	    goto end;
        	}
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+#endif
     }
 
     if (export_cert) {
@@ -317,6 +333,10 @@ int MAIN(int argc, char **argv)
 	int i;
 	unsigned char keyid[EVP_MAX_MD_SIZE];
 	unsigned int keyidlen = 0;
+
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_push_info("process -export_cert");
+#endif
 	key = PEM_read_bio_PrivateKey(inkey ? inkey : in, NULL, NULL, NULL);
 	if (!inkey) (void) BIO_reset(in);
 	else BIO_free(inkey);
@@ -440,6 +460,10 @@ int MAIN(int argc, char **argv)
 	PKCS12_free(p12);
 
 	ret = 0;
+
+#ifdef CRYPTO_MDEBUG
+	CRYPTO_pop_info();
+#endif
 	goto end;
 	
     }
@@ -449,30 +473,52 @@ int MAIN(int argc, char **argv)
 	goto end;
     }
 
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("read import password");
+#endif
     if(!noprompt && EVP_read_pw_string(pass, 50, "Enter Import Password:", 0)) {
 	BIO_printf (bio_err, "Can't read Password\n");
 	goto end;
     }
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+#endif
 
     if (!twopass) strcpy(macpass, pass);
 
     if (options & INFO) BIO_printf (bio_err, "MAC Iteration %ld\n", p12->mac->iter ? ASN1_INTEGER_get (p12->mac->iter) : 1);
     if(macver) {
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("verify MAC");
+#endif
 	if (!PKCS12_verify_mac (p12, mpass, -1)) {
 	    BIO_printf (bio_err, "Mac verify errror: invalid password?\n");
 	    ERR_print_errors (bio_err);
 	    goto end;
 	} else BIO_printf (bio_err, "MAC verified OK\n");
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+#endif
     }
 
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_push_info("output keys and certificates");
+#endif
     if (!dump_certs_keys_p12 (out, p12, cpass, -1, options)) {
 	BIO_printf(bio_err, "Error outputting keys and certificates\n");
 	ERR_print_errors (bio_err);
 	goto end;
     }
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_pop_info();
+#endif
     PKCS12_free(p12);
     ret = 0;
     end:
+#ifdef CRYPTO_MDEBUG
+    CRYPTO_remove_all_info();
+#endif
+    BIO_free(in);
     BIO_free(out);
     EXIT(ret);
 }
@@ -599,7 +645,7 @@ int get_cert_chain (X509 *cert, STACK_OF(X509) **chain)
 	X509_STORE_CTX store_ctx;
 	STACK_OF(X509) *chn;
 	int i;
-	X509 *x;
+
 	store = X509_STORE_new ();
 	X509_STORE_set_default_paths (store);
 	X509_STORE_CTX_init(&store_ctx, store, cert, NULL);