[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[lwip-devel] [bug #52916] pbuf leaked in altcp_mbedtls_lower_recv_proces

From: David GIRAULT
Subject: [lwip-devel] [bug #52916] pbuf leaked in altcp_mbedtls_lower_recv_process
Date: Tue, 16 Jan 2018 10:43:43 -0500 (EST)
User-agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36


                 Summary: pbuf leaked in altcp_mbedtls_lower_recv_process
                 Project: lwIP - A Lightweight TCP/IP stack
            Submitted by: dgirault
            Submitted on: Tue 16 Jan 2018 03:43:42 PM UTC
                Category: apps
                Severity: 3 - Normal
              Item Group: Faulty Behaviour
                  Status: None
                 Privacy: Public
             Assigned to: None
             Open/Closed: Open
         Discussion Lock: Any
         Planned Release: None
            lwIP version: git head



According to my tests, when client is configured to verify server CA chain,
one pbuf is leaked when handshake is failing because of CA certificate of the
server cannot be verified.

Install an invalid CA chain for the server you will connect to, set
MBEDTLS_SSL_VERIFY_REQUIRED with mbedtls_ssl_conf_authmode(), then monitor

Each times connection fail, one more PBUF is loose.

state->rx may be freed by altcp_mbedtls_lower_recv_process() when handshake
failed (because we may have more data queued from server) before err callback
is called.

Or altcp_mbedtls_close() must ensure state->rx is NULL by cleaning the pbuf


Reply to this item at:


  Message sent via/by Savannah

reply via email to

[Prev in Thread] Current Thread [Next in Thread]