1 (edited by akhi_gangwar 2020-02-03 03:17:54)

Topic: Error:out of memory while doing wolfssl_connect

Hi All,
I am getting this error while using wolfSSL_connect api. The error doesn't come at first. But after reconnecting to 2nd or 3rd time, I am getting this error-
Error:out of memory: handle=0x2003256c, size=1664
error is -353

I am using ret = wolfSSL_connect(ssl); where,
- ssl is a local variable that is assigned to a global variable, wolfssl * ssl_cmd to keep the wolfssl alive for other functions.
- After successfully completing the operations, before reconnecting, I am closing the ssl_cmd in this way-
                                        wolfSSL_free(ssl_cmd);
                                         close(sock1);
                                          exitApp(ctx);
I should not get this error but I dont know why I am getting this.
Please see what can be done.

Thanks

Share

Re: Error:out of memory while doing wolfssl_connect

@akhi_gangwar,

Can you tell us a bit about the background on this project and what/whom is driving the effort? Is this an evaluation or comparison of wolfSSL to another solution or is this a hobby project or something else? Looking forward to hearing more.

This definitely sounds like a memory leak given you are able to connect once or twice before getting an out of memory error, please double check you are freeing what you think you are. Also double check that for every new there is a free before a subsequent call to new. For example you showed above that wolfSSL_free(ssl_cmd) is only called when exitApp is called which seems to indicate you are shutting down entirely but if you are not shutting down and you are connecting again before shutdown to you first free the ssl object before calling wolfSSL_new() again? Same for the WOLFSSL_CTX factory which is used to create the WOLFSSL objects, are your making a new WOLFSSL_CTX factory on each re-connect? If so are you also freeing that WOLFSSL_CTX factory every time you disconnect?

Warm Regards,

K

Re: Error:out of memory while doing wolfssl_connect

@akhi_gangware,

One way to confirm you are freeing the global is to print the actual pointer value, you mentioned ssl is local and set to the global, when calling wolfSSL_new() try printing out the pointer value:

printf("ssl pointer = %p\n", ssl);

When freeing the global print the pointer value:

printf("global pointer = %p\n", ssl_cmd);

Are they the same memory location or are you freeing something other than what wolfSSL_new() got assigned to?

Regards,

K

4 (edited by akhi_gangwar 2020-02-04 03:22:27)

Re: Error:out of memory while doing wolfssl_connect

Hi Kaleb,
Thanks for the information. I am trying explicit ftps where I am creating a command channel and data channel. There is a local variable WOLFSSL * ssl which is creating the tls and after creating, I am assigning this to a global variable WOLFSSL * ssl_cmd
in this way-
ssl_cmd = ssl;
In the same way, while creating the data channel, I am doing - ssl_data=ssl;
There are two different functions for command and data. WOLFSSL * ssl is the local variable to that function and WOLFSSL *ssl_cmd, *ssl_data are two global variable.
The values are-
            print("local ssl for data is %d ", ssl,"");
            print("ssl_data is %d ", ssl_data,"");
            print("ctx1 is %d: ", ctx1,"");
local ssl for data is 169672  // while creating
ssl_data is 169672
ctx1 is 169672:

values before freeing up-  // another function where ssl_data and ctx1 (global variable) are being used
ssl_data is 153932
ctx1 is 153932

Why these two values are changed in 2nd function? I think this is the cause I am getting the memory error. Also, but each time the memory locations are the same

I also tried to avoid local variable. Only global variable and freeing the same. But same error is occuring.

Share

Re: Error:out of memory while doing wolfssl_connect

akhi_gangwar,

Instead of %d (integer) try using %p (pointer address). Those should be pointers.

Warm Regards,

K

Re: Error:out of memory while doing wolfssl_connect

HI Kaleb,
Please see. I tried what you said.

local ssl_cmd for command is @00027ddc
ssl_cmd is @00027ddc
ctx is @00027ddc

before freeing cmd pointers:
ssl_cmd is @0001ebb4
ctx is @0001ebb4


local ssl_data for data is @000296c0
ssl_data is @000296c0
ctx1 is @000296c0

before freeing the data pointers, values are :
ssl_data is @00025948
ctx1 is @00025948

Before freeing, the values are changed. Same behavior. Please check.

Share

Re: Error:out of memory while doing wolfssl_connect

akhi_gangwar,

This is what I suspected. The address is changing so what you are calling free on is not the original structure that was allocated.

Could you try changing the receiving function to expect a struct A** instead of a struct A* and then pass &A from the calling function? Let me know if the pointer values sync up after that!


Warm Regards,

K

Re: Error:out of memory while doing wolfssl_connect

Hi Kaleb,
I tried that too but could not make it right. Still, I am getting the same error.
I am posting my relevant code. Please check.

WOLFSSL *ssl_cmd=NULL,  *ssl_data=NULL;
WOLFSSL_CTX* ctx=NULL, *ctx1=NULL;
int sock1, sock3;

void exitApp(WOLFSSL_CTX* ctx)
{
    if (ctx != NULL)
    {
        wolfSSL_CTX_free(ctx);
        wolfSSL_Cleanup();
    }
    // BIOS_exit(-1);
}
int start_TLS(  WOLFSSL **ssl)
{
    int ret, valread;
 //   WOLFSSL *ssl;

    Error_Block eb;
    int nbytes;
    char *buffer;
    char msg[50] = { };
    char buff[512];
    memset(buff, 0, 512);

    //   fdOpenSession(TaskSelf());
    Error_init(&eb);
    wolfSSL_Init();
    ctx = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
    if (ctx == 0)
    {
        logg("****Error****: WolfSSL_CTX error", "");

        exitApp(ctx);
        return -1;
    }
    // cert
    uint8_t *der = NULL;
    uint32_t len, ret1;

    ret1 = CertConv_pem2der(ca_cert, sizeof_ca_cert, &der, &len);
    if (ret1 != 0)
    {
        logg("***Error***: cert conversion to .der fail", "");
        return -1;
    }
    int status = wolfSSL_CTX_load_verify_buffer(ctx, der, len,
                                                SSL_FILETYPE_ASN1);
    if (status != SSL_SUCCESS)
    {
        logg("tcpHandler: Error loading ca_cert_der_2048\n", "");
        exitApp(ctx);
        return -1;
    }

    strcpy(msg, "AUTH TLS\r\n");
    ret = send(sock1, msg, strlen(msg), 0);
    valread = recv(sock1, buff, sizeof(buff) - 1, 0);

    *ssl = wolfSSL_new(ctx);
    if (*ssl == NULL)
    {
        logg("tcpHandler: wolfSSL_new error.\n", "");
        exitApp(ctx);
        return -1;
    }

    wolfSSL_set_fd(*ssl, sock1);
    ret = wolfSSL_connect(*ssl);
    int err;
    char err_buffer[80];
    err = wolfSSL_get_error(*ssl, 0);

    if (ret == SSL_SUCCESS)
    {
        logg("TLS successful", "");
        sock1 = wolfSSL_get_fd(*ssl);

        /* Get a buffer to receive incoming packets. Use the default heap. */
        buffer = Memory_alloc(NULL, 512, 0, &eb);

        if (buffer == NULL)
        {
            logg("tcpWorker: failed to alloc memory\n", "");
            exitApp(ctx);
            return -1;
        }

        strcpy(msg, "PBSZ 0\r\n");
        if (wolfSSL_send(*ssl, msg, strlen(msg), 0) != strlen(msg))
        {
            ret = wolfSSL_get_error(*ssl, 0);
            logInt("Write error: %i.\n", "", ret);
        }

        nbytes = wolfSSL_recv(*ssl, (char *) buffer, 512, 0);
        if (nbytes <= 0)
        {
            logg("***error: Reading failed", "");
            return -1;
        }
        else
            logStr("PBSZ 0 is successfull %s", "", buffer);

        strcpy(msg, "PROT P\r\n");
        if (wolfSSL_write(*ssl, msg, strlen(msg)) != strlen(msg))
        {
            ret = wolfSSL_get_error(*ssl, 0);
            logInt("Write error: %i.\n", "", ret);
            return -1;
        }

        nbytes = wolfSSL_read(*ssl, (char *) buffer, 512);
        if (nbytes <= 0)
        {
            logg("***error: Reading failed", "");
            return -1;
        }
        else
            logStr("PROT P is successfull %s", "", buffer);

     //   ssl_cmd = ssl;

        logInt("local ssl for command is %p ", *ssl,"");
        logInt("ssl_data is %p ", ssl_cmd,"");
        logInt("ctx is %p ", ctx,"");


        Memory_free(NULL, buffer, 512);
    }

    // wolfSSL_free(ssl_cmd);
    // fdClose((SOCKET) sockfd);
    // flag = false;

    else
    {
        wolfSSL_free(*ssl);
        //  fdClose((SOCKET) sockfd);
        logg("wolfSSL_connect failed.\n", "");
        //         fdCloseSession(TaskSelf());
        close(sock1);
        exitApp(ctx);
        return -1;
    }

    return 0;
}
int check = 0;

int createFtpDataSocket(WOLFSSL **ssl, char *ipAddress, int portNr)
{

    int sockfd;
    struct sockaddr_in servAddr;
    int ret, valread;
    unsigned char cert[sizeof_ca_cert];
    strcpy(cert, ca_cert);

   // WOLFSSL *ssl;

    Error_Block eb;
    bool flag = true;
    bool internal_flag = true;
    int nbytes;
    char *buffer;
    char msg[50] = { };
    char buff[512];
    memset(buff, 0, 512);

//   fdOpenSession(TaskSelf());
    Error_init(&eb);
    wolfSSL_Init();
//WOLFSSL_CTX* ctx = NULL;

    ctx1 = wolfSSL_CTX_new(wolfTLSv1_2_client_method());
    if (ctx1 == 0)
    {
        logg("****Error****: WolfSSL_CTX error", "");

        exitApp(ctx1);
        return -1;
    }
//SSL_FILETYPE_PEM
    uint8_t *der = NULL;
    uint32_t len, ret1;

    ret1 = CertConv_pem2der(ca_cert, sizeof_ca_cert, &der, &len);
    if (ret1 != 0)
    {
        logg("***Error***: cert conversion to .der fail", "");
        return -1;
    }
    int status = wolfSSL_CTX_load_verify_buffer(ctx1, der, len,
                                                SSL_FILETYPE_ASN1);
    if (status != SSL_SUCCESS)
    {
        logg("tcpHandler: Error loading ca_cert_der_2048\n", "");
        exitApp(ctx1);
        return -1;
    }
    *ssl = wolfSSL_new(ctx1);
    if (*ssl == NULL)
    {
        logg("tcpHandler: wolfSSL_new error.\n", "");
        exitApp(ctx1);
        return -1;
    }

    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd < 0)
    {
        logInt("***Error***: ftp socket creation failed val is %d", "", sockfd);
    }

    memset((char *) &servAddr, 0, sizeof(servAddr));
    servAddr.sin_family = AF_INET;
    servAddr.sin_port = htons(portNr);

    if (HTTPCli_initSockAddr((struct sockaddr *) &servAddr, ipAddress, 0) < 0)
    {
        logg("ftp: ***ERROR*** - address not resolved.", "");
        sockfd = 0;
        return -1;
    }
//   if(cmd_channel)
    ret = connect(sockfd, (struct sockaddr *) &servAddr, sizeof(servAddr));
    wolfSSL_set_fd(*ssl, sockfd);
    ret = wolfSSL_connect(*ssl);
    int err;
    char err_buffer[80];
    err = wolfSSL_get_error(*ssl, 0);

    if (ret == SSL_SUCCESS)
    {
        logg("TLS successful", "");
        sockfd = wolfSSL_get_fd(*ssl);

        /* Get a buffer to receive incoming packets. Use the default heap. */
        buffer = Memory_alloc(NULL, 512, 0, &eb);

        if (buffer == NULL)
        {
            logg("tcpWorker: failed to alloc memory\n", "");
            exitApp(ctx1);
            return -1;
        }

      //  ssl_data = ssl;
        sock3 = sockfd;

        logInt("local *ssl for data is %p ", *ssl,"");
        logInt("ssl_data is %p ", ssl_data,"");
        logInt("ctx1 is %p ", ctx1,"");

        Memory_free(NULL, buffer, 512);

    }
    else
    {
        wolfSSL_free(*ssl);
        close(sock3);
        //  fdClose((SOCKET) sockfd);
        logg("***Error***: Data connection failed failed.\n", "");
        //         fdCloseSession(TaskSelf());
        exitApp(ctx1);
        return -1;
    }

    return 0;

}

int createFtpSocket(char *ipAddress, int portNr)
{

    int sockfd;
    struct sockaddr_in servAddr;
    int ret, valread;

    Error_Block eb;

    char buff[512];
    memset(buff, 0, 512);

//   fdOpenSession(TaskSelf());
    Error_init(&eb);

    sockfd = socket(AF_INET, SOCK_STREAM, 0);
    if (sockfd < 0)
    {
        logInt("***Error***: ftp socket creation failed val is %d", "", sockfd);
    }

    memset((char *) &servAddr, 0, sizeof(servAddr));
    servAddr.sin_family = AF_INET;
    servAddr.sin_port = htons(portNr);

    if (HTTPCli_initSockAddr((struct sockaddr *) &servAddr, ipAddress, 0) < 0)
    {
        logg("ftp: ***ERROR*** - address not resolved.", "");
        sockfd = 0;
        return -1;
    }
//   if(cmd_channel)
    ret = connect(sockfd, (struct sockaddr *) &servAddr, sizeof(servAddr));

    if (ret < 0)
    {
        logStrInt("ftp: ***ERROR*** - connect failed ip %s port %d - quitting.",
                  "", ipAddress, portNr);
        logInt(" \nreturn value is %d ", "", ret);
        return ret;
    }
    else
    {
        //if(cmd_channel)
        valread = recv(sockfd, buff, sizeof(buff) - 1, 0);
        logStr("received buffer : %s", "", buff);
        sock1 = sockfd;
        memset(buff, 0, 512);
    }

/////////////////////////////////
    if (g_ftps)
    {
        int status = start_TLS(&ssl_cmd);
        if (status)
        {
            logg("***error*** tls failed:", "");
            return -1;
        }
    }

    return 0;

}

bool executeFtpCmd(char *ftpCmd, char* result, int size)
{
//logStr("executing ftp cmd %s","",ftpCmd);

    bool answer = true;

// strcpy(ftpCmd,ftpCmd1);
    int sent = wolfSSL_write(ssl_cmd, ftpCmd, strlen(ftpCmd));
    int ret = wolfSSL_get_error(ssl_cmd, 0);
//send(sock, ftpCmd, strlen(ftpCmd), 0);
    int valread = wolfSSL_read(ssl_cmd, (char *) result, size);
//recv(sock, result, size, 0);

    if (valread > 0)
    {
        result[valread - 2] = 0;
    }
    else
    {
        result[0] = 0;
        answer = false;
        char cmd[5] = { 0 };
        strncat(cmd, ftpCmd, 4);
        logStr("***ERROR*** - ftp: cmd %s failed - continuing", "", cmd);
    }
    return answer;
}
//
bool processFtpData(char* inFtpCmd, char* outBuff, bool push)
{
   / * //////////// some code *//////////////
    strcpy(ftpCmd, "PASV\r\n");
    if (!executeFtpCmd(ftpCmd, ftpResp, sizeof(ftpResp) - 1))
    {
        return false;
    }
///////////////   some code to extract ip and port no ///////////////////////

    int sock2 = createFtpDataSocket(&ssl_data, ftpDataIpAdr, ftpDataPortNr); ////////////////// data connection

///// do some processing related to data connection /////////////////////

            wolfSSL_free(ssl_data); ///////// freeing data socket
            close(sock3); //////////////closing data socket
            exitApp(ctx1);//////////////ctx1 related to data connection
   
    return answer;
}

bool pmoPosFtpProc(char* result)
{
   

    int sock = createFtpSocket(g_ftpHost, 21);

    if (sock < 0)
        return false;
    //////////////////////////// do login and other commands////////////////
    
    processFtpData("LIST /abc.txt\r\n", result, false);////////////////////////////////



    ftpCleanup: strcpy(ftpCmd, "QUIT\r\n");
    logg(" ******Closing socket******",__FUNCTION__);
    executeFtpCmd(ftpCmd, ftpResp, sizeof(ftpResp) - 1);

    logg("before freeing cmd pointers:","");
    logInt("ssl_cmd is %p", ssl_cmd,"");
    logInt("ctx is %p ", ctx,"");


    wolfSSL_free(ssl_cmd); ///////////// closing command channel related stuffs
    close(sock1);
    exitApp(ctx);
    
    return (answer);
}

I am getting the same behavior, different pointer values.
Thanks

Share

Re: Error:out of memory while doing wolfssl_connect

akhi_gangwar,

This might help!

https://stackoverflow.com/questions/134 … g-function

Warm Regards,

K

10 (edited by akhi_gangwar 2020-02-06 23:55:23)

Re: Error:out of memory while doing wolfssl_connect

Hi Kaleb,
I tried the same way and still the same problem. I don't know why I am getting this-
See the code in a minimal way this time-

WOLFSSL *ssl_cmd,  *ssl_data;
WOLFSSL_CTX* ctx=NULL, *ctx1=NULL;

int start_TLS(  WOLFSSL **ssl1)
{
    WOLFSSL *ssl;
    /// create and other code
    *ssl1 = ssl;
    // print(value of *ssl1 = %p and ssl = %p", *ssl1, ssl);
    // values of *ssl1= @00026d68 and ssl= @00026d68 
}
int createFtpSocket(char *ipAddress, int portNr)
{
        int status = start_TLS(&ssl_cmd);
       // value of ssl_cmd after start_tls = @00033564
}
bool pmoPosFtpProc(char* result)
{
    int sock = createFtpSocket(g_ftpHost, 21);
    wolfSSL_free(ssl_cmd);
 // value of ssl_cmd here = @0001d938
}

I exactly copied the method given there and fully understood that too and executed on machine also. Some other ways I also tried where the pointers are sync. But here failing.

Share

Re: Error:out of memory while doing wolfssl_connect

akhi_gangwar,

I fail to understand the need to do it this way, let me see if I understand your code correctly:

1) Global SSL variable.
2) Function start_TLS has an input parameter also an SSL variable
3) Function start_TLS has a second local parameter also an SSL variable.

We now have 3 SSL pointers, one global, one that was passed and one that was declared locally.

The logic seems to be:

4) Do setup and initialization with local variable. Assign local variable to passed variable. passed variable is global variable.

Why not just do:

setup and initialization with global variable?

There is no need for all this abstraction with 3 levels of separation.


Regards,

- K

Re: Error:out of memory while doing wolfssl_connect

Hi Kaleb,
I tried with that also. I made a global variable and used that in all functions. Still getting the problem.
I'll post the pointer values tomorrow.
Thanks

Share

Re: Error:out of memory while doing wolfssl_connect

Hi Kaleb, See-

WOLFSSL *ssl_cmd,  *ssl_data;
WOLFSSL_CTX* ctx=NULL, *ctx1=NULL;

int start_TLS()
{
  
    /// create and other code and using ssl_cmd
   
    // print(value of ssl_cmd= %p,ssl_cmd);
    // values of ssl_cmd=  @00027dfc 
}
int createFtpSocket(char *ipAddress, int portNr)
{

        int status = start_TLS();
        // print(value of ssl_cmd= %p,ssl_cmd);
       // value of ssl_cmd here = @00033170
       // though I am not using this here... but still printing
 
}

bool pmoPosFtpProc(char* result)
{
    int sock = createFtpSocket(g_ftpHost, 21);
    wolfSSL_free(ssl_cmd);
 // value of ssl_cmd here =@0001ebb4
}

Share

Re: Error:out of memory while doing wolfssl_connect

akhi_gangwar,

I think the best approach in this situation will be to start with something that is known to work and then make small changes (make the Structures global instead of local, test. Pass to a function after init, test again, free in another function, tests again) so you can see exactly which change is causing the issue.

Can you try using one of known and tested examples as a base from https://github.com/wolfSSL/wolfssl-exam … master/tls

Regards,

K

Re: Error:out of memory while doing wolfssl_connect

I tried so many things but nothing worked. I dont know what to do now.

Share

Re: Error:out of memory while doing wolfssl_connect

I put a flag to create the tls only once and use it again and again. But, the next time I try to connect, it fails because the pointer value has already changed.

Share

Re: Error:out of memory while doing wolfssl_connect

akhi_gangwar,

Did you start with our simpler examples first? Is there a reason to have the variable as global? If that is causing the issues and you are unable to resolve it perhaps consider passing the variable as a parameter like we do in our examples rather than having it global.

Regards,

K

18 (edited by akhi_gangwar 2020-02-14 04:51:50)

Re: Error:out of memory while doing wolfssl_connect

Hi Kaleb, I saw the example. It has created the local variable inside the main function of ssl and ctx. I need to declare it as a global variable as I have to use send and receive command many times at different places.
One more thing I was trying to use memcpy for ssl_cmd and ssl. I tried to allocate memory first to ssl_cmd using
         WOLFSSL * ssl_cmd;
         ssl_cmd= (WOLFSSL *)malloc(sizeof( WOLFSSL));
        // error here I am getting incomplete type is not allowed during compilation.
I tried to user this too
       ssl_cmd= (struct WOLFSSL *)malloc(sizeof(struct WOLFSSL));
but the error is same.

       // memcpy((void *)ssl_cmd, (void *)ssl, sizeof(ssl_cmd));
Why is this so? I was planning to copy content like this and freeing the pointer ssl then to use ssl_cmd

Let me know your thoughts on these two.

Share