For some inputs onig_new() allocates memory that doesn't get freed, even if one subsequently calls onig_free on the created regexp. This makes fuzzing oniguruma harder, because a fuzzing process with a tool like libFuzzer will constantly grow in memory usage due to the leaks.
If you run this with a memory leak detector (e.g. valgrind or newer versions of AddressSanitizer) it'll report leaked memory.
Here's the debugging output from ASan:
```
==11769==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x4c1678 in __interceptor_malloc (/mnt/ram/a.out+0x4c1678)
    #1 0x4fe15a in node_new /mnt/ram/oniguruma/src/regparse.c:1072:18
    #2 0x4fe15a in node_new_enclose /mnt/ram/oniguruma/src/regparse.c:1278
    #3 0x4fe15a in node_new_enclose_memory /mnt/ram/oniguruma/src/regparse.c:1301
    #4 0x4fe15a in parse_enclose /mnt/ram/oniguruma/src/regparse.c:4639
    #5 0x4fe15a in parse_exp /mnt/ram/oniguruma/src/regparse.c:4899
    #6 0x4fd869 in parse_branch /mnt/ram/oniguruma/src/regparse.c:5222:7
    #7 0x4fb683 in parse_subexp /mnt/ram/oniguruma/src/regparse.c:5259:7
    #8 0x4f5349 in parse_regexp /mnt/ram/oniguruma/src/regparse.c:5304:7
    #9 0x4f5349 in onig_parse_make_tree /mnt/ram/oniguruma/src/regparse.c:5335
    #10 0x50f8c9 in onig_compile /mnt/ram/oniguruma/src/regcomp.c:5279:7
    #11 0x52a083 in onig_new /mnt/ram/oniguruma/src/regcomp.c:5518:7

Direct leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x4c1678 in __interceptor_malloc (/mnt/ram/a.out+0x4c1678)
    #1 0x4fe15a in node_new /mnt/ram/oniguruma/src/regparse.c:1072:18
    #2 0x4fe15a in node_new_enclose /mnt/ram/oniguruma/src/regparse.c:1278
    #3 0x4fe15a in node_new_enclose_memory /mnt/ram/oniguruma/src/regparse.c:1301
    #4 0x4fe15a in parse_enclose /mnt/ram/oniguruma/src/regparse.c:4639
    #5 0x4fe15a in parse_exp /mnt/ram/oniguruma/src/regparse.c:4899
    #6 0x4fd869 in parse_branch /mnt/ram/oniguruma/src/regparse.c:5222:7
    #7 0x4fb683 in parse_subexp /mnt/ram/oniguruma/src/regparse.c:5259:7
    #8 0x4fe326 in parse_enclose /mnt/ram/oniguruma/src/regparse.c:4649:7
    #9 0x4fe326 in parse_exp /mnt/ram/oniguruma/src/regparse.c:4899
    #10 0x4fd869 in parse_branch /mnt/ram/oniguruma/src/regparse.c:5222:7
    #11 0x4fb683 in parse_subexp /mnt/ram/oniguruma/src/regparse.c:5259:7
    #12 0x4f5349 in parse_regexp /mnt/ram/oniguruma/src/regparse.c:5304:7
    #13 0x4f5349 in onig_parse_make_tree /mnt/ram/oniguruma/src/regparse.c:5335
    #14 0x50f8c9 in onig_compile /mnt/ram/oniguruma/src/regcomp.c:5279:7
    #15 0x52a083 in onig_new /mnt/ram/oniguruma/src/regcomp.c:5518:7

SUMMARY: AddressSanitizer: 112 byte(s) leaked in 2 allocation(s).
```