From 7c2f2f3266e80a558f403bccb6e921ab32a24284 Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Oct 2018 12:39:13 +0100 Subject: [PATCH 1/2] Fix ordering of free()ing of internal structures in ssl_server2 If `MBEDTLS_MEMORY_BUFFER_ALLOC_C` is configured and Mbed TLS' custom buffer allocator is used for calloc() and free(), the read buffer used by the server example application is allocated from the buffer allocator, but freed after the buffer allocator has been destroyed. If memory backtracing is enabled, this leaves a memory leak in the backtracing structure allocated for the buffer, as found by valgrind. Fixes #2069. --- programs/ssl/ssl_server2.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c index 5e6a705e1a..3951b835f0 100644 --- a/programs/ssl/ssl_server2.c +++ b/programs/ssl/ssl_server2.c @@ -2495,6 +2495,8 @@ exit: mbedtls_ssl_cookie_free( &cookie_ctx ); #endif + mbedtls_free( buf ); + #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C) #if defined(MBEDTLS_MEMORY_DEBUG) mbedtls_memory_buffer_alloc_status(); @@ -2502,7 +2504,6 @@ exit: mbedtls_memory_buffer_alloc_free(); #endif - mbedtls_free( buf ); mbedtls_printf( " done.\n" ); #if defined(_WIN32) From d6a0ed169f263cce2433cff109e6c6de79ff62dc Mon Sep 17 00:00:00 2001 From: Hanno Becker Date: Tue, 9 Oct 2018 12:44:35 +0100 Subject: [PATCH 2/2] Adapt ChangeLog --- ChangeLog | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ChangeLog b/ChangeLog index 8c82d08d1f..02e980184a 100644 --- a/ChangeLog +++ b/ChangeLog @@ -7,6 +7,10 @@ Bugfix MBEDTLS_THREADING_C is defined. Found by TrinityTonic, #1095 * Fix a bug in the update function for SSL ticket keys which previously invalidated keys of a lifetime of less than a 1s. Fixes #1968. + * Fix wrong order of freeing in programs/ssl/ssl_server2 example + application leading to a memory leak in case both + MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE are set. + Fixes #2069. Changes * Add tests for session resumption in DTLS.