fix(zigbee): memory leak issue with malloc #11196

Closed
wants to merge 11 commits into from

Collaborator

@SuGlider SuGlider commented Mar 28, 2025

Description of Change

In libraries/Zigbee/src/ZigbeeEP.cpp file, void ZigbeeEP::zbReadBasicCluster(const esp_zb_zcl_attribute_t *attribute) has a memory leak due to a malloc() with no free().

The same is applied to bool ZigbeeEP::setManufacturerAndModel(const char *name, const char *model) with necessary NULL test of basic_cluster.

Changed code to use std::vector<char> whenever possible.

Tests scenarios

CI only.

Related links

None

@SuGlider SuGlider self-assigned this Mar 28, 2025
@SuGlider SuGlider added the Area: Zigbee Issues and Feature Request about Zigbee label Mar 28, 2025
@SuGlider SuGlider added this to the 3.2.0 milestone Mar 28, 2025
Contributor

github-actions bot commented Mar 28, 2025

Messages
📖 🎉 Good Job! All checks are passing!

👋 Hello SuGlider, we appreciate your contribution to this project!


📘 Please review the project's Contributions Guide for key guidelines on code, documentation, testing, and more.

🖊️ Please also make sure you have read and signed the Contributor License Agreement for this project.

This automated output is generated by the PR linter DangerJS, which checks if your Pull Request meets the project's requirements and helps you fix potential issues.

DangerJS is triggered with each push event to a Pull Request and modifies the contents of this comment.

Please consider the following:
- Danger mainly focuses on the PR structure and formatting and can't understand the meaning behind your code or changes.
- Danger is not a substitute for human code reviews; it's still important to request a code review from your colleagues.
- To manually retry these Danger checks, please navigate to the Actions tab and re-run last Danger workflow.

Review and merge process you can expect ...


We do welcome contributions in the form of bug reports, feature requests and pull requests.

1. An internal issue has been created for the PR, we assign it to the relevant engineer.
2. They review the PR and either approve it or ask you for changes or clarifications.
3. Once the GitHub PR is approved we do the final review, collect approvals from core owners and make sure all the automated tests are passing.
- At this point we may do some adjustments to the proposed change, or extend it by adding tests or documentation.
4. If the change is approved and passes the tests it is merged into the default branch.

Generated by 🚫 dangerJS against d09c3ee

Contributor

github-actions bot commented Mar 28, 2025

Memory usage test (comparing PR against master branch)

The table below shows the summary of memory usage change (decrease - increase) in bytes and percentage for each target.

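| Target | FLASH [bytes] DEC | FLASH [bytes] INC | FLASH [%] DEC | FLASH [%] INC | RAM [bytes] DEC | RAM [bytes] INC | RAM [%] DEC | RAM [%] INC |
|---|---|---|---|---|---|---|---|---|
| ESP32S3 | 0 | ⚠️ +392 | 0.00 | ⚠️ +0.06 | 0 | 0 | 0.00 | 0.00 |
| ESP32S2 | 0 | ⚠️ +400 | 0.00 | ⚠️ +0.07 | 0 | 0 | 0.00 | 0.00 |
| ESP32C3 | 0 | ⚠️ +376 | 0.00 | ⚠️ +0.06 | 0 | 0 | 0.00 | 0.00 |
| ESP32C6 | 💚 -4 | ⚠️ +380 | 0.00 | ⚠️ +0.07 | 0 | 0 | 0.00 | 0.00 |
| ESP32H2 | 💚 -4 | ⚠️ +380 | 0.00 | ⚠️ +0.07 | 0 | 0 | 0.00 | 0.00 |
| ESP32 | 0 | ⚠️ +524 | 0.00 | ⚠️ +0.08 | 0 | 0 | 0.00 | 0.00 |

Detailed deltas report [usage change in BYTES]

| Example | ESP32S3 FLASH | ESP32S3 RAM | ESP32S2 FLASH | ESP32S2 RAM | ESP32C3 FLASH | ESP32C3 RAM | ESP32C6 FLASH | ESP32C6 RAM | ESP32H2 FLASH | ESP32H2 RAM | ESP32 FLASH | ESP32 RAM |
|---|---|---|---|---|---|---|---|---|---|---|---|---|
| libraries/Zigbee/examples/Zigbee_Color_Dimmer_Switch | ⚠️ +388 | 0 | ⚠️ +396 | 0 | ⚠️ +364 | 0 | ⚠️ +376 | 0 | ⚠️ +362 | 0 | ⚠️ +512 | 0 |
| libraries/Zigbee/examples/Zigbee_Gateway | ⚠️ +332 | 0 | ⚠️ +388 | 0 | ⚠️ +366 | 0 | - | - | - | - | ⚠️ +428 | 0 |
| libraries/Zigbee/examples/Zigbee_On_Off_Switch | ⚠️ +388 | 0 | ⚠️ +400 | 0 | ⚠️ +358 | 0 | ⚠️ +356 | 0 | ⚠️ +368 | 0 | ⚠️ +500 | 0 |
| libraries/Zigbee/examples/Zigbee_Range_Extender | ⚠️ +392 | 0 | ⚠️ +400 | 0 | ⚠️ +376 | 0 | ⚠️ +374 | 0 | ⚠️ +364 | 0 | ⚠️ +524 | 0 |
| libraries/Zigbee/examples/Zigbee_Thermostat | ⚠️ +388 | 0 | ⚠️ +400 | 0 | ⚠️ +364 | 0 | ⚠️ +362 | 0 | ⚠️ +372 | 0 | ⚠️ +520 | 0 |
| libraries/Zigbee/examples/Zigbee_Analog_Input_Output | - | - | - | - | - | - | ⚠️ +372 | 0 | ⚠️ +370 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_CarbonDioxide_Sensor | - | - | - | - | - | - | ⚠️ +360 | 0 | ⚠️ +370 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Color_Dimmable_Light | - | - | - | - | - | - | ⚠️ +380 | 0 | ⚠️ +364 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Contact_Switch | - | - | - | - | - | - | ⚠️ +366 | 0 | ⚠️ +374 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Dimmable_Light | - | - | - | - | - | - | ⚠️ +366 | 0 | ⚠️ +376 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Illuminance_Sensor | - | - | - | - | - | - | ⚠️ +366 | 0 | ⚠️ +370 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_OTA_Client | - | - | - | - | - | - | ⚠️ +370 | 0 | ⚠️ +364 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Occupancy_Sensor | - | - | - | - | - | - | ⚠️ +362 | 0 | ⚠️ +372 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_On_Off_Light | - | - | - | - | - | - | ⚠️ +362 | 0 | ⚠️ +368 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Pressure_Flow_Sensor | - | - | - | - | - | - | ⚠️ +374 | 0 | ⚠️ +376 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Scan_Networks | - | - | - | - | - | - | 💚 -4 | 0 | 💚 -4 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Temp_Hum_Sensor_Sleepy | - | - | - | - | - | - | ⚠️ +370 | 0 | ⚠️ +364 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Temperature_Sensor | - | - | - | - | - | - | ⚠️ +368 | 0 | ⚠️ +372 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Vibration_Sensor | - | - | - | - | - | - | ⚠️ +374 | 0 | ⚠️ +368 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Wind_Speed_Sensor | - | - | - | - | - | - | ⚠️ +360 | 0 | ⚠️ +370 | 0 | - | - |
| libraries/Zigbee/examples/Zigbee_Window_Covering | - | - | - | - | - | - | ⚠️ +374 | 0 | ⚠️ +380 | 0 | - | - |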

Collaborator

@lucasssvaz lucasssvaz left a comment

VLAs like char zb_name[name_length + 2] are considered Undefined Behavior in C++ (although GCC supports it as an extension).

Better just to add the missing free to avoid the memory leak.

Contributor

github-actions bot commented Mar 28, 2025

Test Results

 76 files   76 suites   12m 48s ⏱️
 38 tests  38 ✅ 0 💤 0 ❌
241 runs  241 ✅ 0 💤 0 ❌

Results for commit d09c3ee.

♻️ This comment has been updated with latest results.

@SuGlider
Collaborator Author

> VLAs like char zb_name[name_length + 2] are considered Undefined Behavior in C++

In such a case, using a std::vector<char> declaration is even better. No need to consider free().

@SuGlider
Collaborator Author

SuGlider commented Mar 28, 2025

GCC supporting it is important. I would prefer allocating memory for a few bytes in Stack instead of Heap. Reduces memory fragmentation and it is faster.

Let's go with the C++ way. Safer.
Reviewing the whole _name and _model functionality. More fixes to make sure it doesn't leak memory.

@SuGlider
Collaborator Author

@P-R-O-C-H-Y - I can't test it here to make sure that it works. Please test it using HA and the Zigbee dongle. Thanks!

@SuGlider SuGlider added the Status: Review needed Issue or PR is awaiting review label Mar 28, 2025
@SuGlider SuGlider marked this pull request as draft March 28, 2025 16:37
@SuGlider SuGlider removed the Status: Review needed Issue or PR is awaiting review label Mar 28, 2025
@SuGlider
Collaborator Author

Reviewing it over again... code change is wrong.

@SuGlider
Collaborator Author

Sorry guys. Current code is 100% fine. No issues. My bad.

if (_read_manufacturer != nullptr) {
free(_read_manufacturer);
}
free(_read_manufacturer); // CPP tests it for nullptr
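Review bot: the comment on the new free(_read_manufacturer); line is inaccurate and should be reworded. Dropping the if (_read_manufacturer != nullptr) guard is fine, but the reason is that free() is specified to do nothing when passed a null pointer, not that C++ tests the pointer. A comment such as "free(nullptr) is a no-op" says this directly. If nothing reassigns _read_manufacturer immediately after this call, also set it to nullptr so a later free() cannot release the same block twice.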
Member

what does the comment mean?

char *zb_name = new char[name_length + 2];
char *zb_model = new char[model_length + 2];
std::vector<char> zb_name(name_length + 2);
std::vector<char> zb_model(model_length + 2);
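Review bot: allocation failure is not handled at the two std::vector<char> constructions. Like the new char[...] lines they replace, a std::vector constructor reports failure by throwing std::bad_alloc rather than returning null, so there is no result to test afterwards, and if the build has exceptions disabled the failure cannot be caught at all. Because name_length and model_length size these buffers, check them against the longest string the function is meant to accept before allocating, and return an error on oversize input.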
Member

what will happen if there was not enough memory?

zb_manufacturer[zbstr->len] = '\0';
log_i("Peer Manufacturer is \"%s\"", zb_manufacturer.data());
free(_read_manufacturer); // Free any previously allocated memory
_read_manufacturer = strdup(zb_manufacturer.data()); // Duplicate the information for persistent storage
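Review bot: the order of free(_read_manufacturer) and strdup(...) in the last two lines discards the previous value when strdup fails. strdup returns NULL on allocation failure, and by then the old string has already been freed, so _read_manufacturer ends up null with no error reported. Duplicate first, check the result, then free the old pointer and assign the new one. Also confirm that zb_manufacturer holds at least zbstr->len + 1 elements before the zb_manufacturer[zbstr->len] = '\0' write, since zbstr->len is taken from the peer's response.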
Member

strdup will return NULL if there was not enough memory
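
The review questions above (what happens when allocation fails, and strdup returning NULL) both concern replacing an owned heap string with a value reported by a peer. The following is an added example, not code from this PR or from the project: replaceFromZclString, demo and the sample buffers are hypothetical, and the assumed input layout is a ZCL character string (one length octet followed by that many characters, with 0xFF marking an invalid string).

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdlib>
#include <cstring>

// Assumed layout: one length octet, then that many characters, no terminator.
// A length octet of 0xFF marks an invalid (absent) string.
constexpr uint8_t kZclInvalidLen = 0xFF;

// Hypothetical helper: replace the heap string owned by *slot with the text in
// a length-prefixed buffer. raw/raw_size are the bytes actually received.
// On malformed input or allocation failure it returns false and leaves *slot
// untouched, so a failed update neither leaks nor loses the previous value.
bool replaceFromZclString(char **slot, const uint8_t *raw, size_t raw_size) {
  if (slot == nullptr || raw == nullptr || raw_size < 1) return false;
  const uint8_t len = raw[0];
  if (len == kZclInvalidLen) return false;                    // no value present
  if (static_cast<size_t>(len) > raw_size - 1) return false;  // claims more than was sent

  char *copy = static_cast<char *>(std::malloc(static_cast<size_t>(len) + 1));
  if (copy == nullptr) return false;                          // out of memory: keep old value
  std::memcpy(copy, raw + 1, len);
  copy[len] = '\0';

  std::free(*slot);  // free(nullptr) is a no-op, so no guard is needed
  *slot = copy;      // ownership moves to the slot; the owner frees it once
  return true;
}

// Constructed sample buffers, not captured traffic.
int demo() {
  char *manufacturer = nullptr;
  const uint8_t ok[] = {4, 'A', 'c', 'm', 'e'};
  const uint8_t lying[] = {200, 'A', 'c'};  // length octet exceeds the payload
  int score = 0;
  if (replaceFromZclString(&manufacturer, ok, sizeof(ok))) score += 1;
  if (!replaceFromZclString(&manufacturer, lying, sizeof(lying))) score += 2;
  if (manufacturer != nullptr && std::strcmp(manufacturer, "Acme") == 0) score += 4;
  std::free(manufacturer);
  return score;  // 7 when all three checks hold
}

int main() { return demo() == 7 ? 0 : 1; }
```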

Labels
Area: Zigbee Issues and Feature Request about Zigbee
3 participants