[dlt-control-common] Memory Leak - It was verified by ASAN (Address Sanitizer). #440
Comments
zj3t
changed the title
|
Hello @zj3t , btw: do you want to prepare a fix as well? I would be happy to merge it. |
|
Thanks for the reply. Memory leaks occur when a program dynamically allocates memory, but loses track of that memory and is unable to free it, causing the memory to remain occupied even when it is no longer needed. This can result in the program using up more and more memory over time, eventually leading to the program crashing or freezing. In this case(issue), memory leak occurs regardless of user input, so there is a possibility of becoming a problem in the future. |
|
Oh!! I'm not a developer so I'm not ready to fix it. It seems that you who understand the program well should do the modification. Later, before you merge, I'll check the patch. Thanks :) |
|
Hi @zj3t , @michael-methner , The fixed version is already at #441. Thanks, |
|
Thanks @lvklevankhanh @michael-methner :) Thank you again. |
|
Miss Click.... |
|
Hi @zj3t , |
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. References: https://nvd.nist.gov/vuln/detail/CVE-2023-26257 COVESA/dlt-daemon#440 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. References: https://nvd.nist.gov/vuln/detail/CVE-2023-26257 COVESA/dlt-daemon#440 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Source: meta-openembedded MR: 124675 Type: Security Fix Disposition: Merged from meta-openembedded-nut ChangeID: 63c520c Description: An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. References: https://nvd.nist.gov/vuln/detail/CVE-2023-26257 COVESA/dlt-daemon#440 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com> Signed-off-by: Jeremy A. Puhlman <jpuhlman@mvista.com>
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. References: https://nvd.nist.gov/vuln/detail/CVE-2023-26257 COVESA/dlt-daemon#440 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Armin Kuster <akuster808@gmail.com>
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. References: https://nvd.nist.gov/vuln/detail/CVE-2023-26257 COVESA/dlt-daemon#440 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com> (cherry picked from commit ad73ee2) Signed-off-by: Armin Kuster <akuster808@gmail.com>
An issue was discovered in the Connected Vehicle Systems Alliance (COVESA; formerly GENIVI) dlt-daemon through 2.18.8. Dynamic memory is not released after it is allocated in dlt-control-common.c. References: https://nvd.nist.gov/vuln/detail/CVE-2023-26257 COVESA/dlt-daemon#440 Signed-off-by: Yogita Urade <yogita.urade@windriver.com> Signed-off-by: Khem Raj <raj.khem@gmail.com>
Hi great COVESA team, it's me again...haha..
Every weekend, I spend time studying the source code of DLT-DAEMON, and every time I do, I am struck by how impressive it is as software.
Summary
While reviewing the source code of DLT-passive-node-ctrl, I noticed many instances of memory deallocation missing the call to the free() function.
To further investigate, I used ASAN to analyze DLT-passive-node-ctrl and discovered the existence of memory leaks.
Memory Leak
Memory leak occurs even if no input value is entered.
[dlt-control-common.c]
It appears that the heap memory allocated by calloc() is not being freed.
Likewise, dlt-logstorage-ctrl is also the cause.
It seems to be done by calling the dlt_file_free() function.
As before (428b835)
END
I came to know your foundation while researching someip,
Studying dlt-daemon, I admire your skills.
It may be a minor vulnerability (bug), but I am reporting it because there is a possibility that a more competent hacker than me will exploit it later.
Thanks.
Ah! And if possible, I'd like to request a CVE.
If you guys let me, I'll make a request to MITRE.
Please let me know if you allow(Request CVE) it in response.
The text was updated successfully, but these errors were encountered: