Skip to content

Comments

Fix a memory leak reported in CIFuzz#16813

Closed
bernd-edlinger wants to merge 3 commits intoopenssl:masterfrom
bernd-edlinger:fix_a_memory_leak_reported_in_cifuzz
Closed

Fix a memory leak reported in CIFuzz#16813
bernd-edlinger wants to merge 3 commits intoopenssl:masterfrom
bernd-edlinger:fix_a_memory_leak_reported_in_cifuzz

Conversation

@bernd-edlinger
Copy link
Member

@bernd-edlinger bernd-edlinger commented Oct 12, 2021

Direct leak of 4 byte(s) in 1 object(s) allocated from:
#0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
#1 0x57af0d in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
#2 0x57af0d in CRYPTO_realloc /src/openssl/crypto/mem.c:207:16
#3 0x569d17 in BUF_MEM_grow /src/openssl/crypto/buffer/buffer.c:97:15
#4 0x5c3629 in str_copy /src/openssl/crypto/conf/conf_def.c:642:10
#5 0x5c1cc1 in def_load_bio /src/openssl/crypto/conf/conf_def.c:452:22
#6 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
#7 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
#8 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
#9 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
#10 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
#11 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int ()(unsigned char const, unsigned long)) cxa_noexception.cpp
#12 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10

Checklist
  • documentation is added or updated
  • tests are added or updated

@bernd-edlinger
Fix a memory leak reported in CIFuzz
8926c10 
Direct leak of 4 byte(s) in 1 object(s) allocated from:
     #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
     openssl#1 0x57af0d in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
     openssl#2 0x57af0d in CRYPTO_realloc /src/openssl/crypto/mem.c:207:16
     openssl#3 0x569d17 in BUF_MEM_grow /src/openssl/crypto/buffer/buffer.c:97:15
     openssl#4 0x5c3629 in str_copy /src/openssl/crypto/conf/conf_def.c:642:10
     openssl#5 0x5c1cc1 in def_load_bio /src/openssl/crypto/conf/conf_def.c:452:22
     openssl#6 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
     openssl#7 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
     openssl#8 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
     openssl#9 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
     openssl#10 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
     openssl#11 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
     openssl#12 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
@bernd-edlinger bernd-edlinger added branch: master Applies to master branch branch: 3.0 Applies to openssl-3.0 branch labels Oct 12, 2021
@beldmit
Copy link
Member

beldmit commented Oct 12, 2021

I'm not sure, I looked here some time ago and got an impression that include_path shouldn't be freed here

@bernd-edlinger
Fix another memory leak reported in CIFuzz
5926454 
Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    openssl#1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
    openssl#2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11
    openssl#3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45
    openssl#4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
    openssl#5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
    openssl#6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
    openssl#7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
    openssl#8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
    openssl#9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
    openssl#10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    openssl#11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)
@bernd-edlinger
fixup! Fix another memory leak reported in CIFuzz
ecac248
@t8m t8m added triaged: bug The issue/pr is/fixes a bug approval: done This pull request has the required number of approvals labels Oct 13, 2021
@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Oct 14, 2021
@openssl-machine
Copy link
Collaborator

openssl-machine commented Oct 14, 2021

This pull request is ready to merge

openssl-machine pushed a commit that referenced this pull request Oct 14, 2021
@bernd-edlinger
Fix a memory leak reported in CIFuzz
74b4858 
Direct leak of 4 byte(s) in 1 object(s) allocated from:
     #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
     #1 0x57af0d in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
     #2 0x57af0d in CRYPTO_realloc /src/openssl/crypto/mem.c:207:16
     #3 0x569d17 in BUF_MEM_grow /src/openssl/crypto/buffer/buffer.c:97:15
     #4 0x5c3629 in str_copy /src/openssl/crypto/conf/conf_def.c:642:10
     #5 0x5c1cc1 in def_load_bio /src/openssl/crypto/conf/conf_def.c:452:22
     #6 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
     #7 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
     #8 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
     #9 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
     #10 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
     #11 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
     #12 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16813)
openssl-machine pushed a commit that referenced this pull request Oct 14, 2021
@bernd-edlinger
Fix another memory leak reported in CIFuzz
19b30f1 
Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    #1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
    #2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11
    #3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45
    #4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
    #5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
    #6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
    #7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
    #8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
    #9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
    #10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16813)
openssl-machine pushed a commit that referenced this pull request Oct 14, 2021
@bernd-edlinger
Fix a memory leak reported in CIFuzz
7c88260 
Direct leak of 4 byte(s) in 1 object(s) allocated from:
     #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
     #1 0x57af0d in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
     #2 0x57af0d in CRYPTO_realloc /src/openssl/crypto/mem.c:207:16
     #3 0x569d17 in BUF_MEM_grow /src/openssl/crypto/buffer/buffer.c:97:15
     #4 0x5c3629 in str_copy /src/openssl/crypto/conf/conf_def.c:642:10
     #5 0x5c1cc1 in def_load_bio /src/openssl/crypto/conf/conf_def.c:452:22
     #6 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
     #7 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
     #8 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
     #9 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
     #10 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
     #11 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
     #12 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16813)

(cherry picked from commit 74b4858)
openssl-machine pushed a commit that referenced this pull request Oct 14, 2021
@bernd-edlinger
Fix another memory leak reported in CIFuzz
09fc342 
Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    #1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
    #2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11
    #3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45
    #4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
    #5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
    #6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
    #7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
    #8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
    #9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
    #10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Reviewed-by: Tomas Mraz <[email protected]>
(Merged from #16813)

(cherry picked from commit 19b30f1)
@bernd-edlinger
Copy link
Member Author

bernd-edlinger commented Oct 14, 2021

Merged to master and 3.0 branch. Thanks!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@t8m t8m t8m approved these changes

Assignees

No one assigned

Labels

approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Applies to master branch branch: 3.0 Applies to openssl-3.0 branch triaged: bug The issue/pr is/fixes a bug

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@bernd-edlinger @beldmit @openssl-machine @t8m