Project

General

Profile

Bug #3594

Updated by Victor Julien over 4 years ago

Ticket for collecting various leak on error cases found using fuzzing. 

 First: 
 <pre> 
 ==12==ERROR: LeakSanitizer: detected memory leaks 

 Direct leak of 16 byte(s) in 1 object(s) allocated from: 
     #0 0x536542 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 
     #1 0xc9503e in DetectPktvarSetup /src/suricata/src/detect-pktvar.c:127:28 
     #2 0xc6e35d in SigParseOptions /src/suricata/src/detect-parse.c 
     #3 0xc66840 in SigParse /src/suricata/src/detect-parse.c:1241:19 
     #4 0xc5b8cc in SigInitHelper /src/suricata/src/detect-parse.c:1865:15 
     #5 0xc5b322 in SigInit /src/suricata/src/detect-parse.c:2032:16 
     #6 0x568c60 in LLVMFuzzerTestOneInput /src/suricata/src/tests/fuzz/fuzz_siginit.c:42:24 
     #7 0x46e831 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 
     #8 0x46df55 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 
     #9 0x4702f7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19 
     #10 0x471085 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5 
     #11 0x45f108 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 
     #12 0x488f32 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 
     #13 0x7f619e5b282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) 

 Indirect leak of 1 byte(s) in 1 object(s) allocated from: 
     #0 0x536542 in calloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:154:3 
     #1 0x898665 in DetectContentDataParse /src/suricata/src/detect-content.c:182:24 
     #2 0xc94ff2 in DetectPktvarSetup /src/suricata/src/detect-pktvar.c:120:11 
     #3 0xc6e35d in SigParseOptions /src/suricata/src/detect-parse.c 
     #4 0xc66840 in SigParse /src/suricata/src/detect-parse.c:1241:19 
     #5 0xc5b8cc in SigInitHelper /src/suricata/src/detect-parse.c:1865:15 
     #6 0xc5b322 in SigInit /src/suricata/src/detect-parse.c:2032:16 
     #7 0x568c60 in LLVMFuzzerTestOneInput /src/suricata/src/tests/fuzz/fuzz_siginit.c:42:24 
     #8 0x46e831 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15 
     #9 0x46df55 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3 
     #10 0x4702f7 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19 
     #11 0x471085 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:830:5 
     #12 0x45f108 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:824:6 
     #13 0x488f32 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10 
     #14 0x7f619e5b282f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f) 

 SUMMARY: AddressSanitizer: 17 byte(s) leaked in 2 allocation(s). 
 INFO: to ignore leaks on libFuzzer side use -detect_leaks=0. 
 </pre>

Back