Actions
Bug #8146
openutils-spm-hs: missing deallocators on hs_compile failure
Affected Versions:
Effort:
low
Difficulty:
Label:
Description
During fuzzing siginit discovered two minor memory leaks in HSBuildDatabase which is caused by missing deallocators when Hyperscan fails to compile expression.
The problem is missing deallocator for expression and missing deallocator for Hyperscan error.
char *expr = HSRenderPattern(needle, needle_len);
hs_error_t err = hs_compile(expr, flags, HS_MODE_BLOCK, NULL, &db,
&compile_err);
if (err != HS_SUCCESS) {
SCLogError("Unable to compile '%s' with Hyperscan, "
"returned %d.",
expr, err);
return -1;
}
SCFree(expr);
Updated by Sergey Zhidkih 27 days ago
May I claim this issue and get developer role?
Updated by Victor Julien 26 days ago
- Status changed from New to Assigned
- Assignee set to Sergey Zhidkih
- Target version changed from TBD to 9.0.0-beta1
Thanks for looking into this. We'd need a Github PR against the main branch. After merge we probably want to backport as well.
Updated by Philippe Antoine 24 days ago
- Status changed from Assigned to In Review
Updated by Philippe Antoine 17 days ago
- Blocks Security #6187: detect: handle allocation failures during rule reload added
Updated by Victor Julien 13 days ago
- Label Needs backport to 7.0, Needs backport to 8.0 added
Actions