Closed
Description
System info:
Ubuntu 16.04.6 LTS, X64, gcc 5.4.0, lrzip (latest master 465afe8)
Compile Command:
$ chmod a+x mkinstalldirs
make distclean
./autogen.sh
mkdir -p build/bin
CC="gcc -fsanitize=address -fno-omit-frame-pointer -g" CXX="g++ -fsanitize=address -fno-omit-frame-pointer -g" ./configure --enable-static-bin --disable-shared
make -j
Run Command:
$ lrzip -t $POC
POC file:
https://github.com/Clingto/POC/blob/master/MSA/lrzip/lrzip-561-fill_buffer-memory-leak
ASAN info:
Failed to decompress buffer - lzmaerr=1
Invalid data compressed len 1285 uncompressed 1285 last_head 1285
No such file or directory
=================================================================
==21958==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 24 byte(s) in 1 object(s) allocated from:
#0 0x7fdb9148d602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
#1 0x42790f in fill_buffer test/lrzip-uaf/git/build_asan/stream.c:1706
#2 0x42790f in read_stream test/lrzip-uaf/git/build_asan/stream.c:1799
SUMMARY: AddressSanitizer: 24 byte(s) leaked in 1 allocation(s).