From f690ffa53c999fd743d9f3e37419326fb75423cd Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Oct 2018 12:39:13 +0100 Subject: [PATCH 1/2] Fix ordering of free()ing of internal structures in ssl_server2 If `MBEDTLS_MEMORY_BUFFER_ALLOC_C` is configured and Mbed TLS' custom buffer allocator is used for calloc() and free(), the read buffer used by the server example application is allocated from the buffer allocator, but freed after the buffer allocator has been destroyed. If memory backtracing is enabled, this leaves a memory leak in the backtracing structure allocated for the buffer, as found by valgrind. Fixes #2069. --- programs/ssl/ssl_server2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index a770f1b89..df1fa1825 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2538,6 +2538,8 @@ exit: mbedtls_ssl_cookie_free( &cookie_ctx ); #endif + mbedtls_free( buf ); + #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #if defined(MBEDTLS_MEMORY_DEBUG) mbedtls_memory_buffer_alloc_status(); @@ -2545,7 +2547,6 @@ exit: mbedtls_memory_buffer_alloc_free(); #endif - mbedtls_free( buf ); mbedtls_printf( " done.\n" ); #if defined(_WIN32) From 591cdb0daa21e26e512b7affc670772736836197 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Oct 2018 12:44:35 +0100 Subject: [PATCH 2/2] Adapt ChangeLog --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index 0a9dc4f8d..0112d22b8 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,10 @@ Bugfix MBEDTLS_THREADING_C is defined. Found by TrinityTonic, #1095 * Fix a bug in the update function for SSL ticket keys which previously invalidated keys of a lifetime of less than a 1s. Fixes #1968. + * Fix wrong order of freeing in programs/ssl/ssl_server2 example + application leading to a memory leak in case both + MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE are set. + Fixes #2069. Changes * Add tests for session resumption in DTLS.