Main Site Documentation

HTTPS memory leak


#1

Hi.

I’ve had some memory problems using https in my G120 and I found this blogpost which describes the problem: http://blog.devmobile.co.nz/2013/03/04/netmf-http-client-possible-memory-leak/ and this from the same author: http://netmf.codeplex.com/workitem/2005

Is this a confirmed problem?

Using https (or any other form of integrity protection of data) is an important requirement for my company. Does anyone know of a workaround or any other suggestion on how to secure http data?


#2

We took a note of this and will look into it asap in the near future. We are busy releasing an SDK.


#3

Ok. Thanks in advance!


#4

Would love to hear if this issue has been looked upon?


#5

We have been able to reproduce it. We are looking into the cause right now.


#6

The issue occurs because SslStream.AuthenticateAsClient leaks around 45KB each time it is called. Since the HTTP class calls that method for each new connection and since a new connection is created for each HTTP request most of the time.

A partial-workaround will be to implement your own HTTP library over the regular .net socket and SsLStream. You will still leak the 45KB when you call AuthenticateAsClient, but if you can keep the connection open indefinitely, that might be workable.

I have replied to the work item on CodePlex: https://netmf.codeplex.com/workitem/2005


#7

Using an existing library that can be altered to work with SSL if it doesn’t already is definitely ideal, as andre said.


#8

NETMF.


#9

netmf is open source so why wait for microsoft?


#10

@ andre We do need to wait for Microsoft to fix it.


#11

Well, it is only a partial workaround. If you do have to open and close the connection or have multiple ones open, you still will run out. But for some users, they can keep the socket open, so they won’t run into the issue right away.


#12

A partial workaround for some users, yes. For the rest, we have to wait for Microsoft to fix it.


#13

No news on it as of right now.