Actions
Bug #2677
closedcoverity: ja3 potential memory leak
Affected Versions:
Effort:
Difficulty:
Label:
Description
Error: RESOURCE_LEAK (CWE-772): suricata-4.1.0/src/app-layer-ssl.c:1114: alloc_fn: Storage is returned from allocation function "Ja3BufferInit". suricata-4.1.0/src/util-ja3.c:40:25: alloc_fn: Storage is returned from allocation function "calloc". suricata-4.1.0/src/util-ja3.c:40:25: assign: Assigning: "ptrmem" = "calloc(1UL, 24UL)". suricata-4.1.0/src/util-ja3.c:40:23: assign: Assigning: "buffer" = "({...; (void *)ptrmem;})". suricata-4.1.0/src/util-ja3.c:45:5: return_alloc: Returning allocated memory "buffer". suricata-4.1.0/src/app-layer-ssl.c:1114: var_assign: Assigning: "ja3_elliptic_curves" = storage returned from "Ja3BufferInit()". suricata-4.1.0/src/app-layer-ssl.c:1118: leaked_storage: Variable "ja3_elliptic_curves" going out of scope leaks the storage it points to. # 1116| if (ja3_extensions == NULL || ja3_elliptic_curves == NULL || # 1117| ja3_elliptic_curves_pf == NULL) # 1118|-> return -1; # 1119| } # 1120| Error: RESOURCE_LEAK (CWE-772): suricata-4.1.0/src/app-layer-ssl.c:1115: alloc_fn: Storage is returned from allocation function "Ja3BufferInit". suricata-4.1.0/src/util-ja3.c:40:25: alloc_fn: Storage is returned from allocation function "calloc". suricata-4.1.0/src/util-ja3.c:40:25: assign: Assigning: "ptrmem" = "calloc(1UL, 24UL)". suricata-4.1.0/src/util-ja3.c:40:23: assign: Assigning: "buffer" = "({...; (void *)ptrmem;})". suricata-4.1.0/src/util-ja3.c:45:5: return_alloc: Returning allocated memory "buffer". suricata-4.1.0/src/app-layer-ssl.c:1115: var_assign: Assigning: "ja3_elliptic_curves_pf" = storage returned from "Ja3BufferInit()". suricata-4.1.0/src/app-layer-ssl.c:1118: leaked_storage: Variable "ja3_elliptic_curves_pf" going out of scope leaks the storage it points to. # 1116| if (ja3_extensions == NULL || ja3_elliptic_curves == NULL || # 1117| ja3_elliptic_curves_pf == NULL) # 1118|-> return -1; # 1119| } # 1120| Error: RESOURCE_LEAK (CWE-772): suricata-4.1.0/src/app-layer-ssl.c:1113: alloc_fn: Storage is returned from allocation function "Ja3BufferInit". suricata-4.1.0/src/util-ja3.c:40:25: alloc_fn: Storage is returned from allocation function "calloc". suricata-4.1.0/src/util-ja3.c:40:25: assign: Assigning: "ptrmem" = "calloc(1UL, 24UL)". suricata-4.1.0/src/util-ja3.c:40:23: assign: Assigning: "buffer" = "({...; (void *)ptrmem;})". suricata-4.1.0/src/util-ja3.c:45:5: return_alloc: Returning allocated memory "buffer". suricata-4.1.0/src/app-layer-ssl.c:1113: var_assign: Assigning: "ja3_extensions" = storage returned from "Ja3BufferInit()". suricata-4.1.0/src/app-layer-ssl.c:1118: leaked_storage: Variable "ja3_extensions" going out of scope leaks the storage it points to. # 1116| if (ja3_extensions == NULL || ja3_elliptic_curves == NULL || # 1117| ja3_elliptic_curves_pf == NULL) # 1118|-> return -1; # 1119| } # 1120|
Updated by Victor Julien about 6 years ago
- Status changed from Assigned to Closed
Actions