fix: UpgradePackBuilderFacade setting mbedtls global memory pool on stack #324

BarisTanyeri · 2023-06-15T15:24:09Z

Summary

This PR fixes the crash when ConnectionMbedTls is combined with UpgradePackBuilderFacade

Issue Reproduction

1- Create ConnectionMbedTls
2- Run UpgradePackBuilderFacade
3- Attempt to create ConnectionMbedTls for another host
4- Observe failure on mbedtls_ssl_session_free()

Details

When UpgradePackBuilderFacade is combined with ConnectionMbedTls, connection memory pool is allocated on the heap. However, UpgradePackBuilderFacade sets global mbed tls buffers on stack, which then causes free() to be called on heap pointers in the context of stack.
When MBEDTLS_MEMORY_DEBUG is defined; FATAL: mbedtls_free() outside of managed space is printed. This indicates either the memory pool is corrupted or the pointers. In this case, mbedtls memory pool is set to stack memory while initialization of a ConnectionMbedTls had been done on the heap. When ConnectionMbedTls tries to free its resources in the pool, because the pool has changed, this operation becomes invalid and causes the program to exit.

…tack, causing a crash when combined with ConnectionMbedTls

github-actions · 2023-06-15T15:27:55Z

🦙 MegaLinter status: ⚠️ WARNING

Descriptor	Linter	Files	Fixed	Errors	Elapsed time
✅ ACTION	actionlint	11		0	0.11s
✅ DOCKERFILE	hadolint	1		0	0.12s
✅ JSON	eslint-plugin-jsonc	10	0	0	5.15s
✅ JSON	prettier	10	0	0	0.68s
⚠️ MARKDOWN	markdownlint	7	0	11	0.71s
⚠️ MARKDOWN	markdown-link-check	7		1	54.53s
✅ MARKDOWN	markdown-table-formatter	7	0	0	0.48s
✅ YAML	prettier	20	0	0	1.21s
✅ YAML	v8r	20		0	10.53s
✅ YAML	yamllint	20		0	0.36s