Project

General

Profile

Actions

Bug #3647

closed

rules: memory leaks on failed rules

Added by Jeff Lucovsky almost 4 years ago. Updated almost 4 years ago.

Status:
Closed
Priority:
Immediate
Target version:
Affected Versions:
Effort:
Difficulty:
Label:

Description

These are minor leaks, but due to the nature of the fuzzing they will cause OOM errors during fuzzing. In normal use this should be pretty much harmless unless you have large numbers of bad rules and reload continuesly.

==11== ERROR: libFuzzer: out-of-memory (used: 2562Mb; limit: 2560Mb)              
   To change the out-of-memory limit use -rss_limit_mb=<N>                          

Live Heap Allocations: 1806291148 bytes in 8328315 chunks; quarantined: 9143054 bytes in 6934 chunks; 41947 other chunks; total chunks: 8377196; showing top 95% (at most 8 unique contexts)
599068080 byte(s) (33%) in 832039 allocation(s)                                                                                                        
    #0 0x536742 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3                                                                                  
    #1 0x8431dc in SigAlloc /src/suricata/src/detect-parse.c:1269:31                                                 
    #2 0x846c3e in SigInitHelper /src/suricata/src/detect-parse.c:1858:22                                                                                                                      
    #3 0x846843 in SigInit /src/suricata/src/detect-parse.c:2043:25                                                                                                  
    #4 0x847da3 in DetectEngineAppendSig /src/suricata/src/detect-parse.c:2318:22     
    #5 0x792eb4 in DetectLoadSigFile /src/suricata/src/detect-engine-loader.c:169:15 
    #6 0x78f3f2 in ProcessSigFiles /src/suricata/src/detect-engine-loader.c:252:13         
    #7 0x78ddf1 in SigLoadSignatures /src/suricata/src/detect-engine-loader.c:331:15                                                                   
    #8 0x7463fa in DetectEngineReload /src/suricata/src/detect-engine.c:4007:9                                                                                                
    #9 0x56919f in LLVMFuzzerTestOneInput /src/suricata/src/tests/fuzz/fuzz_sigpcap.c:131:9                          
    #10 0x46ea31 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15                                        
    #11 0x46e155 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #12 0x4704f7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #13 0x471285 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #14 0x45f308 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #15 0x489132 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #16 0x7f22f982182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)       

599068080 byte(s) (33%) in 832039 allocation(s)                                                                                                        
    #0 0x536742 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3
    #1 0x843220 in SigAlloc /src/suricata/src/detect-parse.c:1276:36
    #2 0x846c3e in SigInitHelper /src/suricata/src/detect-parse.c:1858:22
    #3 0x846843 in SigInit /src/suricata/src/detect-parse.c:2043:25
    #4 0x847da3 in DetectEngineAppendSig /src/suricata/src/detect-parse.c:2318:22
    #5 0x792eb4 in DetectLoadSigFile /src/suricata/src/detect-engine-loader.c:169:15
    #6 0x78f3f2 in ProcessSigFiles /src/suricata/src/detect-engine-loader.c:252:13
    #7 0x78ddf1 in SigLoadSignatures /src/suricata/src/detect-engine-loader.c:331:15
    #8 0x7463fa in DetectEngineReload /src/suricata/src/detect-engine.c:4007:9
    #9 0x56919f in LLVMFuzzerTestOneInput /src/suricata/src/tests/fuzz/fuzz_sigpcap.c:131:9
    #10 0x46ea31 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #11 0x46e155 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #12 0x4704f7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #13 0x471285 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5
    #14 0x45f308 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6
    #15 0x489132 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #16 0x7f22f982182f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Related issues 1 (0 open1 closed)

Copied from Suricata - Bug #3632: rules: memory leaks on failed rulesClosedVictor JulienActions
Actions

Also available in: Atom PDF