Project

General

Profile

Actions

Bug #2677

closed

coverity: ja3 potential memory leak

Added by Victor Julien about 6 years ago. Updated about 6 years ago.

Status:
Closed
Priority:
Normal
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

Error: RESOURCE_LEAK (CWE-772):
suricata-4.1.0/src/app-layer-ssl.c:1114: alloc_fn: Storage is returned from allocation function "Ja3BufferInit".
suricata-4.1.0/src/util-ja3.c:40:25: alloc_fn: Storage is returned from allocation function "calloc".
suricata-4.1.0/src/util-ja3.c:40:25: assign: Assigning: "ptrmem" = "calloc(1UL, 24UL)".
suricata-4.1.0/src/util-ja3.c:40:23: assign: Assigning: "buffer" = "({...; (void *)ptrmem;})".
suricata-4.1.0/src/util-ja3.c:45:5: return_alloc: Returning allocated memory "buffer".
suricata-4.1.0/src/app-layer-ssl.c:1114: var_assign: Assigning: "ja3_elliptic_curves" = storage returned from "Ja3BufferInit()".
suricata-4.1.0/src/app-layer-ssl.c:1118: leaked_storage: Variable "ja3_elliptic_curves" going out of scope leaks the storage it points to.
# 1116|           if (ja3_extensions == NULL || ja3_elliptic_curves == NULL ||
# 1117|                   ja3_elliptic_curves_pf == NULL)
# 1118|->             return -1;
# 1119|       }
# 1120|   

Error: RESOURCE_LEAK (CWE-772):
suricata-4.1.0/src/app-layer-ssl.c:1115: alloc_fn: Storage is returned from allocation function "Ja3BufferInit".
suricata-4.1.0/src/util-ja3.c:40:25: alloc_fn: Storage is returned from allocation function "calloc".
suricata-4.1.0/src/util-ja3.c:40:25: assign: Assigning: "ptrmem" = "calloc(1UL, 24UL)".
suricata-4.1.0/src/util-ja3.c:40:23: assign: Assigning: "buffer" = "({...; (void *)ptrmem;})".
suricata-4.1.0/src/util-ja3.c:45:5: return_alloc: Returning allocated memory "buffer".
suricata-4.1.0/src/app-layer-ssl.c:1115: var_assign: Assigning: "ja3_elliptic_curves_pf" = storage returned from "Ja3BufferInit()".
suricata-4.1.0/src/app-layer-ssl.c:1118: leaked_storage: Variable "ja3_elliptic_curves_pf" going out of scope leaks the storage it points to.
# 1116|           if (ja3_extensions == NULL || ja3_elliptic_curves == NULL ||
# 1117|                   ja3_elliptic_curves_pf == NULL)
# 1118|->             return -1;
# 1119|       }
# 1120|   

Error: RESOURCE_LEAK (CWE-772):
suricata-4.1.0/src/app-layer-ssl.c:1113: alloc_fn: Storage is returned from allocation function "Ja3BufferInit".
suricata-4.1.0/src/util-ja3.c:40:25: alloc_fn: Storage is returned from allocation function "calloc".
suricata-4.1.0/src/util-ja3.c:40:25: assign: Assigning: "ptrmem" = "calloc(1UL, 24UL)".
suricata-4.1.0/src/util-ja3.c:40:23: assign: Assigning: "buffer" = "({...; (void *)ptrmem;})".
suricata-4.1.0/src/util-ja3.c:45:5: return_alloc: Returning allocated memory "buffer".
suricata-4.1.0/src/app-layer-ssl.c:1113: var_assign: Assigning: "ja3_extensions" = storage returned from "Ja3BufferInit()".
suricata-4.1.0/src/app-layer-ssl.c:1118: leaked_storage: Variable "ja3_extensions" going out of scope leaks the storage it points to.
# 1116|           if (ja3_extensions == NULL || ja3_elliptic_curves == NULL ||
# 1117|                   ja3_elliptic_curves_pf == NULL)
# 1118|->             return -1;
# 1119|       }
# 1120|   

Actions #1

Updated by Victor Julien about 6 years ago

  • Status changed from Assigned to Closed
Actions

Also available in: Atom PDF