SDK-6.4 TLS SSL Cache memory leak

user_3663311

Hello,

It seems that the wiced_tls.c file has a memory leak issue when WICED_TLS_CLI_CACHE_SESSION is defined.
When a new connection starts, the IP address is cached for future use, which is done by calling:
add_ssl_cache_entry

In this function, dynamic memory is allocated with:

entry = (wiced_ssl_cache_entry *) calloc ( 1,  sizeof(wiced_ssl_cache_entry ) );

This allocation part is fine; however, the problem occurs whenever the cached entry count reaches the max defined entries:

if ( count > wiced_ssl_cache.max_entries )

In this if statement, the linked list removes one entry as it should; however, it does not free the previously allocated memory:
linked_list_remove_node_from_rear( &wiced_ssl_cache.cache_list, &removed_node );

user_3663311

By deallocating the released node, I have found that the memory leak issue is fixed. Here are my changes in the wiced_tls.c file:

     if ( count > wiced_ssl_cache.max_entries )

     {

          linked_list_remove_node_from_rear( &wiced_ssl_cache.cache_list, &removed_node );

+          if (NULL != removed_node)
+         {
+               free(removed_node);
+          }
     }
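
Review bot: free(removed_node) in the eviction branch releases the list node pointer, while the block allocated in add_ssl_cache_entry is the wiced_ssl_cache_entry returned by calloc. The two addresses match only if the node is the first member of the entry, which these lines do not show; convert the removed node back to its containing entry and free that pointer instead. The NULL != removed_node guard is redundant for free(), which accepts NULL, and it only protects anything if removed_node is set to NULL before linked_list_remove_node_from_rear is called, which is not visible here.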

Cypress, please confirm that this fix is valid.

After some testing, I have found that memory also needs to be deallocated after the session ID expires.

Here are my changes in the wiced_tls.c file:

if( memcmp( tls_session.id, cache_entry->tls_session.id, tls_session.id_len ) != 0 )

{

    /* session is present in the cache list, but server has sent new session ID due to session expiration */

    linked_list_remove_node( &wiced_ssl_cache.cache_list, &cache_entry->this_node );

+   free(&cache_entry->this_node);

    add_ssl_cache_entry( &ip_address, port, &tls_session );

}
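
Review bot: free(&cache_entry->this_node) passes the address of a struct member to free(), but the allocation shown for this cache is the wiced_ssl_cache_entry itself, so the call is correct only if this_node sits at offset 0 of that struct. Use free(cache_entry) so the release does not depend on member layout, and confirm that nothing after this line still reads cache_entry, since add_ssl_cache_entry runs immediately after the free.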

Hi,

Can you please share your code example with us or provide information about the cached entry count reaching the max defined entries in your application? I will check more and try to reproduce the issue.

Thanks.

Hi,

Unfortunately, I cannot share my code. However, I will provide my configuration and the functions that I call.
First of all, I connect to an access point to get access to the internet. After a successful connection, I try to send/receive data to our company server via HTTPS. For data transfer I am using wiced_https_get.

I have defined WICED_TLS_DEFAULT_VERIFICATION as TLS_NO_VERIFICATION; that way I am not reading the certificate key from the DCT region.

wiced_https_get function calls:

wiced_tcp_connect -> wiced_tcp_start_tls -> wiced_generic_start_tls_with_ciphers

At this point we are in the wiced_tls.c file.

In the configuration file I have defined WICED_TLS_CLI_CACHE_SESSION and WICED_TLS_CLI_CACHE_ENTRIES (2).

For faster leak reproduction you can define WICED_TLS_CLI_CACHE_ENTRIES with a lower value (1).

On the first data transfer you will notice that the session is cached with the add_ssl_cache_entry function. Memory is allocated for this entry.

Now wait for the session ID to expire; eventually you should run out of dynamic memory.


I hope this is enough information to reproduce the issue.

Hi,

I tried with the information provided and unfortunately I am unable to reproduce the issue to trace the memory leak in my setup.

Can you please send me the memory leak screenshot or debug logs?

Thanks.

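
The two leak paths discussed in this thread (eviction when the cache is full, and replacement after the server issues a new session ID), as an added example that is not code from wiced_tls.c or the WICED SDK. All names here (node_t, entry_t, cache_t, cache_put, cache_drop, ENTRY_OF, live_entries) are hypothetical; the list node is deliberately not the first member of the entry, to show that the pointer given to free() must be the one calloc returned rather than the node's address.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical types for illustration; not the WICED SDK definitions. */
#define ID_MAX 32
typedef struct node { struct node *prev, *next; } node_t;
typedef struct {
    unsigned char id[ID_MAX];   /* TLS session id */
    size_t id_len;
    unsigned ip;                /* peer address, used as the cache key */
    node_t link;                /* deliberately not the first member */
} entry_t;
typedef struct { node_t head; size_t count, max_entries; } cache_t;

static long live_entries;       /* callocs minus frees, for leak checks */
#define ENTRY_OF(n) ((entry_t *)((char *)(n) - offsetof(entry_t, link)))

void cache_init(cache_t *c, size_t max) {
    c->head.prev = c->head.next = &c->head;
    c->count = 0; c->max_entries = max;
}
/* Unlink a node, then free the entry that contains it (the calloc'd block). */
static void cache_drop(cache_t *c, node_t *n) {
    n->prev->next = n->next; n->next->prev = n->prev;
    c->count--;
    free(ENTRY_OF(n));
    live_entries--;
}
/* Cache the session for ip. Returns 0 on success, -1 on bad length or OOM. */
int cache_put(cache_t *c, unsigned ip, const unsigned char *id, size_t id_len) {
    if (id_len > ID_MAX) return -1;
    for (node_t *n = c->head.next; n != &c->head; n = n->next) {
        entry_t *old = ENTRY_OF(n);
        if (old->ip != ip) continue;
        if (old->id_len == id_len && !memcmp(old->id, id, id_len)) return 0;
        cache_drop(c, n);       /* server sent a new id: release stale entry */
        break;
    }
    entry_t *e = calloc(1, sizeof *e);
    if (e == NULL) return -1;
    live_entries++;
    e->ip = ip; e->id_len = id_len;
    memcpy(e->id, id, id_len);
    e->link.prev = &c->head; e->link.next = c->head.next;  /* push front */
    c->head.next->prev = &e->link; c->head.next = &e->link;
    if (++c->count > c->max_entries) cache_drop(c, c->head.prev); /* evict rear */
    return 0;
}
long cache_live_entries(void) { return live_entries; }
```

The live_entries counter stays equal to the cache's entry count no matter how many peers or session-ID changes pass through, which is the invariant to check for on a target where heap usage grows over time.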