From 095d9cf58ee365f32df5472941df05aa99c93ba6 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Tue, 9 Oct 2018 12:39:13 +0100
Subject: [PATCH 1/2] Fix ordering of free()ing of internal structures in ssl_server2
If `MBEDTLS_MEMORY_BUFFER_ALLOC_C` is configured and Mbed TLS' custom buffer allocator is used for calloc() and free(), the read buffer used by the server example application is allocated from the buffer allocator, but freed after the buffer allocator has been destroyed. If memory backtracing is enabled, this leaves a memory leak in the backtracing structure allocated for the buffer, as found by valgrind. Fixes #2069.
---
 programs/ssl/ssl_server2.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/programs/ssl/ssl_server2.c b/programs/ssl/ssl_server2.c
index 4eac51f74..efda65d23 100644
--- a/programs/ssl/ssl_server2.c
+++ b/programs/ssl/ssl_server2.c
@@ -3146,6 +3146,8 @@ exit:
 mbedtls_ssl_cookie_free( &cookie_ctx );
 #endif
+ mbedtls_free( buf );
+
 #if defined(MBEDTLS_MEMORY_BUFFER_ALLOC_C)
 #if defined(MBEDTLS_MEMORY_DEBUG)
 mbedtls_memory_buffer_alloc_status();
@@ -3153,7 +3155,6 @@ exit:
 mbedtls_memory_buffer_alloc_free();
 #endif
- mbedtls_free( buf );
 mbedtls_printf( " done.\n" );
 #if defined(_WIN32)
From abe6003f5aae7206b0545a6fd9e090bcfc9b1422 Mon Sep 17 00:00:00 2001
From: Hanno Becker
Date: Tue, 9 Oct 2018 12:44:35 +0100
Subject: [PATCH 2/2] Adapt ChangeLog
---
 ChangeLog | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/ChangeLog b/ChangeLog
index 513f24f3a..c6f90320f 100644
--- a/ChangeLog
+++ b/ChangeLog
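Review bot: The relocated `mbedtls_free( buf );` in the first ssl_server2.c hunk now has to run before `mbedtls_memory_buffer_alloc_free()`, but nothing at the call site records that, so a later tidy-up of the cleanup path could silently restore the old order. I would put a comment directly above it, for example `/* buf may be allocated from the buffer allocator: free it before mbedtls_memory_buffer_alloc_free() below. */`. The `exit:` path starts and ends outside both hunks, so it is worth checking in the full file that nothing else obtained through `mbedtls_calloc()` is still released after the `#endif` that closes the allocator block. As a side effect, `mbedtls_memory_buffer_alloc_status()` now runs after `buf` is released, which presumably makes its report a cleaner leak signal under `MBEDTLS_MEMORY_DEBUG`.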
@@ -7,6 +7,10 @@ Bugfix
 invalidated keys of a lifetime of less than a 1s. Fixes #1968.
 * Fix failure in hmac_drbg in the benchmark sample application, when MBEDTLS_THREADING_C is defined. Found by TrinityTonic, #1095
+ * Fix wrong order of freeing in programs/ssl/ssl_server2 example
+ application leading to a memory leak in case both
+ MBEDTLS_MEMORY_BUFFER_ALLOC_C and MBEDTLS_MEMORY_BACKTRACE are set.
+ Fixes #2069.
 Changes
 * Add tests for session resumption in DTLS.