Leaks memory on client disconnect while using TLS
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Icecast |
New
|
Unknown
|
|||
icecast2 (Debian) |
Fix Released
|
Unknown
|
|||
icecast2 (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unit 193 |
Bug Description
Howdy,
When one has TLS enabled, icecast2 leaks memory on client disconnect. Given the nature of a streaming server this happens all the time.
There are two ways to solve this, one would be to switch to using OpenSSL rather than WolfSSL, while the other would be to apply a tiny patch that was written by one of the WolfSSL contributors and is attached.
I tested both solutions and they most certainly do solve the problem. One can easily test by setting up icecast2, connecting a source client, then creating a loop with wget to generate a lot of connect/disconnect noise.
[Impact]
Anyone that uses TLS will be affected by a memory leak.
[Test Case]
Set up icecast2 with TLS and hook up a source client such as ices2, darkice, boodler, etc.
Quickly connect and disconnect some clients:
for i in `seq 1 300`;do timeout 3 wget -O /dev/null https:/
And watch the memory increase.
[Regression Potential]
Well it's a minimal patch, so topping OOM'ing due to too many clients is going to be hard to beat.
If switching to OpenSSL, this is perhaps a bigger change due to switching out TLS backends, but perhaps has been tested more.
Code that handles edge case SSL protocol handling is being adjusted. Any regressions are likely to manifest in this area.
~Unit 193
description: | updated |
Changed in icecast2 (Debian): | |
status: | Unknown → Fix Released |
Changed in icecast: | |
status: | Unknown → New |
This is fixed in 2.4.4-4 in Groovy onwards by Debian switching the package to OpenSSL.