5 Replies Latest reply on Feb 21, 2020 6:13 AM by KotnaniK_71

    SDK-6.4 TLS SSL Cache memory leak

    user_3663311

      Hello,

       

      it seems that wiced_tls.c file has a memory leak issue when WICED_TLS_CLI_CACHE_SEEION is defined.
      When new connection starts ip address is cached for future use and it is done by calling:
      add_ssl_cache_entry

      in this function dynamic memory is allocated with:

      entry = (wiced_ssl_cache_entry *) calloc ( 1,  sizeof(wiced_ssl_cache_entry ) );

       

      This allocation part is fine, however the problem occurs whenever cached entry count reaches max defined entries:

      if ( count > wiced_ssl_cache.max_entries )

      In this if statement link list removes one entry as it should do, however it does not free previously allocated memory:
      linked_list_remove_node_from_rear( &wiced_ssl_cache.cache_list, &removed_node );

        • 1. Re: SDK-6.4 TLS SSL Cache memory leak
          user_3663311

          By deallocating released node I have found that memory leak issue is fixed. Here are my changes in wiced_tls.c file:

           

               if ( count > wiced_ssl_cache.max_entries )

               {

                    linked_list_remove_node_from_rear( &wiced_ssl_cache.cache_list, &removed_node );

          +          if (NULL != removed_node)
          +         {
          +               free(removed_node);
          +          }
               }

           

          Cypress, please confirm that this fix is valid.

          • 2. Re: SDK-6.4 TLS SSL Cache memory leak
            user_3663311

            After some testing I have found that memory also needs to be deallocated after session ID expires.

            Here are my changes in wiced_tls.c file:

             

            if( memcmp( tls_session.id, cache_entry->tls_session.id, tls_session.id_len ) != 0 )

            {

                /* session is present in the cache list, but server has sent new session ID due to session expiration */

                linked_list_remove_node( &wiced_ssl_cache.cache_list, &cache_entry->this_node );

            +   free(&cache_entry->this_node);

                add_ssl_cache_entry( &ip_address, port, &tls_session );

            }

            • 3. Re: SDK-6.4 TLS SSL Cache memory leak
              KotnaniK_71

              Hi,

               

              Can you please share us your code example or provide information about the cached entry count reaching  max defined entries in your application. I will check more and try to reproduce the issue.

               

              Thanks.

              1 of 1 people found this helpful
              • 4. Re: SDK-6.4 TLS SSL Cache memory leak
                user_3663311

                Hi,

                 

                unfortunately I can not share my code. However I will provide my configuration and functions that I call.
                First of all I connect to access point to get access to the internet. After successful connection I try to send/receive data to our company server via HTTPS. For data transfer I am using wiced_https_get.

                 

                 

                 

                I have defined WICED_TLS_DEFAULT_VERIFICATION as TLS_NO_VERIFICATION, that way I am not reading certificate key from DCT region.

                wiced_https_get function calls:

                wiced_tcp_connect -> wiced_tcp_start_tls -> wiced_generic_start_tls_with_ciphers

                 

                 

                At this point we are in wiced_tls.c file.

                In configuration file I have defined WICED_TLS_CLI_CACHE_SESSION and WICED_TLS_CLI_CACHE_ENTRIES (2).

                For faster leak reproduction you can define WICED_TLS_CLI_CACHE_ENTRIES with lower value (1).

                 

                On first data transfer you will notice that session is cached with add_ssl_cache_entry function. Memory is allocated for this entry.

                Now wait and for session id to expire, eventually you should run out of dynamic memory.


                I hope this is enough information to reproduce the issue.

                • 5. Re: SDK-6.4 TLS SSL Cache memory leak
                  KotnaniK_71

                  Hi,

                   

                  I tried with the information provided and unfortunately I am unable to reproduce the issue to trace the memory leak in my setup.

                  Can you please send me the memory leak screenshot or debug logs.

                   

                  Thanks.