From: David GIRAULT
Subject: [lwip-devel] [bug #52902] memory leaks and more in altcp_tls_create_config_*
Date: Mon, 15 Jan 2018 11:33:04 -0500 (EST)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36

URL: <http://savannah.nongnu.org/bugs/?52902>

Summary: memory leaks and more in altcp_tls_create_config_*
Project: lwIP - A Lightweight TCP/IP stack
Submitted by: dgirault
Submitted on: Mon 15 Jan 2018 04:33:03 PM UTC
Category: apps
Severity: 3 - Normal
Item Group: Faulty Behaviour
Status: None
Privacy: Public
Assigned to: None
Open/Closed: Open
Discussion Lock: Any
Planned Release: None
lwIP version: git head

_______________________________________________________

Details:

Using a static variable in altcp_tls_create_config_client() results in:

- a memory leak if called multiple times (more than one HTTPS connection at a time), because mbedtls_x509_crt_init(&acc_cert) will reset acc_cert without freeing the internally allocated buffer.
- CA chain sharing for all created altcp_tls_config, because the mbedtls_ssl_conf_ca_chain() function does not copy the provided chain but only saves a pointer to it. This results in all altcp_tls_config finally sharing the same CA chain, the last one loaded.

A workaround is to include acc_cert inside `struct altcp_tls_config` and call mbedtls_x509_crt_free().

The same bug exists for `altcp_tls_create_config_server_privkey_cert`.

_______________________________________________________

Reply to this item at:

  <http://savannah.nongnu.org/bugs/?52902>
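
The two effects described in the report, reduced to a self-contained C model. This is an added example, not code from the original message, lwIP or mbedTLS. The names crt_t, ssl_conf_t, crt_init, crt_parse, crt_free, conf_ca_chain, struct tls_config and the "CA-A"/"CA-B" inputs are constructed stand-ins that assume only the behaviour stated above: init resets without freeing, and the CA setter stores a pointer.

```c
#include <stdlib.h>
#include <string.h>
typedef struct { char *raw; } crt_t;             /* stand-in for mbedtls_x509_crt */
typedef struct { const crt_t *ca; } ssl_conf_t;  /* stand-in for mbedtls_ssl_config */
static int live_bufs;                            /* heap buffers not yet freed */
static void crt_init(crt_t *c) { c->raw = NULL; }  /* resets, frees nothing */
static void crt_parse(crt_t *c, const char *pem) {
  if ((c->raw = malloc(strlen(pem) + 1)) == NULL) abort();  /* model only */
  strcpy(c->raw, pem); live_bufs++;
}
static void crt_free(crt_t *c) { if (c->raw) { free(c->raw); c->raw = NULL; live_bufs--; } }
static void conf_ca_chain(ssl_conf_t *s, const crt_t *ca) { s->ca = ca; }  /* no copy */

struct tls_config { ssl_conf_t conf; crt_t ca; };  /* ca is used by create_owned only */
typedef struct tls_config *(*create_fn)(const char *pem);
/* Pattern from the report: one static certificate behind every config */
struct tls_config *create_static(const char *pem) {
  static crt_t acc_cert;
  struct tls_config *cfg = calloc(1, sizeof *cfg);
  if (cfg == NULL) return NULL;
  crt_init(&acc_cert);  /* buffer parsed by the previous call is orphaned here */
  crt_parse(&acc_cert, pem);
  conf_ca_chain(&cfg->conf, &acc_cert);
  return cfg;
}
/* Workaround from the report: the certificate lives in the config and is freed with it */
struct tls_config *create_owned(const char *pem) {
  struct tls_config *cfg = calloc(1, sizeof *cfg);
  if (cfg == NULL) return NULL;
  crt_init(&cfg->ca);
  crt_parse(&cfg->ca, pem);
  conf_ca_chain(&cfg->conf, &cfg->ca);
  return cfg;
}
void config_free(struct tls_config *cfg) { if (cfg) { crt_free(&cfg->ca); free(cfg); } }

/* 1 if the first of two configs ends up pointing at the second one's CA */
int first_sees_second_ca(create_fn create) {
  struct tls_config *a = create("CA-A"), *b = create("CA-B");
  int r = (a && b) ? strcmp(a->conf.ca->raw, "CA-B") == 0 : -1;
  config_free(a); config_free(b);
  return r;
}
/* Buffers still allocated after two configs were created and freed */
int unfreed_after_two(create_fn create) {
  int before = live_bufs;
  config_free(create("CA-A")); config_free(create("CA-B"));
  return live_bufs - before;
}
```

With create_static the first config silently validates against the trust anchor loaded for the second, which is the security-relevant half of the report; the unfreed buffers are the leak half.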