    SDK-6.4 TLS SSL Cache memory leak




      It seems that the wiced_tls.c file has a memory leak issue when WICED_TLS_CLI_CACHE_SESSION is defined.
      When a new connection starts, the IP address is cached for future use, and this is done by calling:

      In this function, dynamic memory is allocated with:

      entry = (wiced_ssl_cache_entry *) calloc ( 1,  sizeof(wiced_ssl_cache_entry ) );


      This allocation part is fine; however, the problem occurs whenever the cached entry count reaches the max defined entries:

      if ( count > wiced_ssl_cache.max_entries )

      In this if statement, the linked list removes one entry as it should; however, it does not free the previously allocated memory:
      linked_list_remove_node_from_rear( &wiced_ssl_cache.cache_list, &removed_node );

          By deallocating the released node, I have found that the memory leak issue is fixed. Here are my changes in the wiced_tls.c file:


               if ( count > wiced_ssl_cache.max_entries )


                    linked_list_remove_node_from_rear( &wiced_ssl_cache.cache_list, &removed_node );

          +          if (NULL != removed_node)
          +         {
          +               free(removed_node);
          +          }
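
Review bot: the added free(removed_node) hands free() the list node pointer, while the block was obtained as entry = calloc(1, sizeof(wiced_ssl_cache_entry)). The two are the same address only if the node is the first member of wiced_ssl_cache_entry, and that layout is not visible in these lines. Recover the owning entry from the node and free that pointer, so the call stays correct if the struct layout changes. The NULL != removed_node guard is not needed, since free(NULL) is a no-op.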


          Cypress, please confirm that this fix is valid.

            After some testing, I have found that memory also needs to be deallocated after the session ID expires.

            Here are my changes in the wiced_tls.c file:


            if( memcmp( tls_session.id, cache_entry->tls_session.id, tls_session.id_len ) != 0 )


                /* session is present in the cache list, but server has sent new session ID due to session expiration */

                linked_list_remove_node( &wiced_ssl_cache.cache_list, &cache_entry->this_node );

            +   free(&cache_entry->this_node);

                add_ssl_cache_entry( &ip_address, port, &tls_session );
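
Review bot: free(&cache_entry->this_node) frees the address of a member instead of the pointer the allocator returned. cache_entry is in scope at this point, so free(cache_entry) is the clearer call and does not depend on this_node being the first member of the entry. The following add_ssl_cache_entry call takes the local tls_session and not cache_entry, so these lines do not read freed memory, but the rest of the function should be checked for any later use of cache_entry.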


              Can you please share your code example with us or provide information about the cached entry count reaching the max defined entries in your application? I will check more and try to reproduce the issue.



                Unfortunately, I cannot share my code. However, I will provide my configuration and the functions that I call.
                First of all, I connect to an access point to get access to the internet. After a successful connection, I try to send/receive data to our company server via HTTPS. For data transfer I am using wiced_https_get.




                I have defined WICED_TLS_DEFAULT_VERIFICATION as TLS_NO_VERIFICATION; that way I am not reading the certificate key from the DCT region.

                wiced_https_get function calls:

                wiced_tcp_connect -> wiced_tcp_start_tls -> wiced_generic_start_tls_with_ciphers



                At this point we are in the wiced_tls.c file.

                In the configuration file I have defined WICED_TLS_CLI_CACHE_SESSION and WICED_TLS_CLI_CACHE_ENTRIES (2).

                For faster leak reproduction you can define WICED_TLS_CLI_CACHE_ENTRIES with a lower value (1).


                On the first data transfer you will notice that the session is cached with the add_ssl_cache_entry function. Memory is allocated for this entry.

                Now wait for the session ID to expire; eventually you should run out of dynamic memory.

                I hope this is enough information to reproduce the issue.
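
The two release paths discussed in this thread (eviction at the maximum entry count, and replacement after a session ID change), as an added example that is not WICED code or the poster's code. All names are hypothetical, and the list node is deliberately not the first struct member to show why free() must receive the pointer that calloc() returned.

```c
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical names throughout; this is not the WICED linked_list API. */
typedef struct node { struct node *prev, *next; } node_t;

typedef struct {
    unsigned ip;            /* cache key */
    unsigned char id[4];    /* session ID (shortened, constructed) */
    node_t node;            /* NOT at offset 0: &node != allocation start */
} entry_t;

#define ENTRY_OF(n) ((entry_t *)((char *)(n) - offsetof(entry_t, node)))
#define MAX_ENTRIES 2

static node_t head = { &head, &head };  /* circular list sentinel */
static int count, live;                 /* live = outstanding allocations */

/* Unlink a node AND free the entry that owns it. */
static void release(node_t *n) {
    n->prev->next = n->next;
    n->next->prev = n->prev;
    count--;
    free(ENTRY_OF(n));                  /* the pointer calloc returned */
    live--;
}

static entry_t *find(unsigned ip) {
    for (node_t *n = head.next; n != &head; n = n->next)
        if (ENTRY_OF(n)->ip == ip) return ENTRY_OF(n);
    return NULL;
}

/* Cache a session; returns 0 on success, -1 on allocation failure. */
int cache_session(unsigned ip, const unsigned char id[4]) {
    entry_t *old = find(ip);
    if (old) {
        if (memcmp(old->id, id, 4) == 0) return 0;   /* unchanged */
        release(&old->node);            /* server issued a new session ID */
    }
    entry_t *e = calloc(1, sizeof *e);
    if (!e) return -1;
    e->ip = ip;
    memcpy(e->id, id, 4);
    e->node.next = head.next; e->node.prev = &head;  /* insert at front */
    head.next->prev = &e->node; head.next = &e->node;
    count++; live++;
    if (count > MAX_ENTRIES) release(head.prev);     /* evict from rear */
    return 0;
}

int live_entries(void) { return live; }
```

Tracking outstanding allocations with a counter such as live_entries() gives a cheap regression check: it must never exceed the configured maximum, however many sessions are cached or refreshed.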