[lwip-devel] [bug #52902] memory leaks and more in altcp_tls_create_conf

From: David GIRAULT
Subject: [lwip-devel] [bug #52902] memory leaks and more in altcp_tls_create_config_*
Date: Mon, 15 Jan 2018 11:33:04 -0500 (EST)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36


                 Summary: memory leaks and more in altcp_tls_create_config_*
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: dgirault
            Submitted on: Mon 15 Jan 2018 04:33:03 PM UTC
                Category: apps
                Severity: 3 - Normal
              Item Group: Faulty Behaviour
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None
            lwIP version: git head



Using a static variable in altcp_tls_create_config_client() results in:

- a memory leak if called multiple times (more than one HTTPS connection at a
time) because mbedtls_x509_crt_init(&acc_cert) will reset acc_cert without
freeing the internally allocated buffer.

- CA chain sharing for all created altcp_tls_config because the
mbedtls_ssl_conf_ca_chain() function does not copy the provided chain but only
saves a pointer to it. This results in all altcp_tls_config finally sharing the
same CA chain, the last one loaded.

A workaround is to include acc_cert inside `struct altcp_tls_config` and call

The same bug exists for `altcp_tls_create_config_server_privkey_cert`.
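
The two effects described in the report, reproduced as an added example that is not part of the original message and is not lwIP or mbedTLS code. `toy_crt`, `toy_conf`, `owned_conf` and the helper functions are hypothetical stand-ins that model only the behaviours the report names: an init that resets without freeing, and a config that stores a pointer rather than a copy.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-ins for mbedtls_x509_crt and the TLS config; not mbedTLS API. */
struct toy_crt  { char *raw; };                  /* owns a heap buffer once parsed */
struct toy_conf { const struct toy_crt *ca; };   /* stores a pointer, never a copy */
struct owned_conf { struct toy_conf conf; struct toy_crt cert; };

int live_bufs;  /* certificate buffers allocated and not yet freed */

static void *xmalloc(size_t n) { void *p = malloc(n); if (!p) abort(); return p; }
void toy_crt_init(struct toy_crt *c) { c->raw = NULL; }  /* resets, frees nothing */
void toy_crt_parse(struct toy_crt *c, const char *pem) {
  c->raw = xmalloc(strlen(pem) + 1);
  strcpy(c->raw, pem);
  live_bufs++;
}
void toy_crt_free(struct toy_crt *c) {
  if (c->raw) { free(c->raw); c->raw = NULL; live_bufs--; }
}

/* Pattern from the report: one static certificate reused by every call. */
struct toy_conf *create_static(const char *pem) {
  static struct toy_crt acc_cert;
  struct toy_conf *conf = xmalloc(sizeof *conf);
  toy_crt_init(&acc_cert);       /* previous buffer becomes unreachable: leak */
  toy_crt_parse(&acc_cert, pem);
  conf->ca = &acc_cert;          /* every config aliases the same object */
  return conf;
}

/* Certificate embedded in the config, as the report's workaround begins. */
struct owned_conf *create_owned(const char *pem) {
  struct owned_conf *oc = xmalloc(sizeof *oc);
  toy_crt_init(&oc->cert);
  toy_crt_parse(&oc->cert, pem);
  oc->conf.ca = &oc->cert;
  return oc;
}
/* Assumption of this example: freeing the config frees its certificate. */
void free_owned(struct owned_conf *oc) { toy_crt_free(&oc->cert); free(oc); }

int main(void) {
  struct toy_conf *a = create_static("CA-A"), *b = create_static("CA-B");
  printf("static: a sees %s, b sees %s, live=%d\n", a->ca->raw, b->ca->raw, live_bufs);
  struct owned_conf *x = create_owned("CA-A"), *y = create_owned("CA-B");
  printf("owned:  x sees %s, y sees %s\n", x->conf.ca->raw, y->conf.ca->raw);
  free_owned(x); free_owned(y); free(a); free(b);
  return 0;
}
```

With the static variable, the first config ends up trusting the second config's CA and the first buffer can no longer be freed; with the embedded certificate, each config keeps its own chain and releases it on teardown.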

