Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

There is a memory leak defect at line 312 in the file openssl/test/v3ext.c. #23897

Closed
LuMingYinDetect opened this issue Mar 20, 2024 · 1 comment
Closed

There is a memory leak defect at line 312 in the file openssl/test/v3ext.c. #23897

LuMingYinDetect opened this issue Mar 20, 2024 · 1 comment
Assignees
@vdukhovni
Labels
branch: master Merge to master branch branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 branch: 3.2 Merge to openssl-3.2 branch: 3.3 Merge to openssl-3.3 triaged: bug The issue/pr is/fixes a bug

Comments

@LuMingYinDetect
Copy link

At line 233 in the file openssl/test/v3ext.c, a pointer named f1 is defined. This pointer allocates a dynamic memory region at line 262 through the function IPAddressFamily_new. When the if statement at line 262 returns false, it indicates successful allocation of dynamic memory for f1. Subsequently, at line 265, the program allocates a dynamic memory region for the ipAddressChoice member of pointer f1 through the function IPAddressChoice_new. If the if statement at line 265 returns true, the program will jump to the end label at line 308 from line 266, thereby bypassing the IPAddressFamily_free(f1) operation at line 281. The end label does not release the dynamic memory region pointed to by f1, thus constituting a memory leak defect. The diagram below illustrates the detailed path of the defect:https://github.com/LuMingYinDetect/openssl_defects/blob/main/openssl_2.png
@LuMingYinDetect LuMingYinDetect added the issue: bug report The issue was opened to report a bug label Mar 20, 2024
@nhorman nhorman added the triaged: bug The issue/pr is/fixes a bug label Mar 20, 2024
shahsb added a commit to shahsb/openssl that referenced this issue Mar 20, 2024
@shahsb
There is a memory leak defect at line 312 in the file openssl/test/v3…
f91a085 
…ext.c

At line 233 in the file openssl/test/v3ext.c, a pointer named f1 is
defined. This pointer allocates a dynamic memory region at line 262
through the function IPAddressFamily_new. When the if statement at line
262 returns false, it indicates successful allocation of dynamic memory
for f1. Subsequently, at line 265, the program allocates a dynamic
memory region for the ipAddressChoice member of pointer f1 through
the function IPAddressChoice_new. If the if statement at line 265
returns true, the program will jump to the end label at line 308
from line 266, thereby bypassing the IPAddressFamily_free(f1)
operation at line 281. The end label does not release the dynamic
memory region pointed to by f1, thus constituting a memory leak
defect. The diagram below illustrates the detailed path of the
defect:https://github.com/LuMingYinDetect/openssl_defects/blob/main/openssl_2.png

Fixes openssl#23897
@shahsb shahsb mentioned this issue Mar 20, 2024
Closed
2 tasks
@nhorman nhorman assigned nhorman and vdukhovni and unassigned nhorman Mar 27, 2024
vdukhovni pushed a commit to vdukhovni/openssl that referenced this issue Mar 27, 2024
@hs-viktor
Avoid memory leak in error path (openssl#23897)
3fb3b30
vdukhovni pushed a commit to vdukhovni/openssl that referenced this issue Mar 27, 2024
@hs-viktor
Avoid memory leak in x509_test error path (openssl#23897)
1a7d944 
Fixes openssl#23897
@vdukhovni vdukhovni mentioned this issue Mar 27, 2024
Closed
1 task
vdukhovni pushed a commit to vdukhovni/openssl that referenced this issue Mar 27, 2024
Avoid memory leak in x509_test error path (openssl#23897)
a9fe0f0 
Fixes openssl#23897
@tom-cosgrove-arm
Copy link
Contributor

Note: there are two proposed fixes to this, #23906 which seemingly has a potential for double-free, and #23991 which appears quite complicated for what it's trying to do.

@t8m t8m added branch: master Merge to master branch branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 branch: 3.2 Merge to openssl-3.2 branch: 3.3 Merge to openssl-3.3 and removed issue: bug report The issue was opened to report a bug labels Apr 2, 2024
vdukhovni pushed a commit to vdukhovni/openssl that referenced this issue May 6, 2024
Avoid memory leak in x509_test error path (openssl#23897)
7f1f51c 
Fixes openssl#23897
openssl-machine pushed a commit that referenced this issue May 8, 2024
@t8m
Avoid memory leak in x509_test error path
b9226d0 
Fixes #23897

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #23991)

(cherry picked from commit 7cbca5a)
openssl-machine pushed a commit that referenced this issue May 8, 2024
@t8m
Avoid memory leak in x509_test error path
b50d1c2 
Fixes #23897

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #23991)

(cherry picked from commit 7cbca5a)
openssl-machine pushed a commit that referenced this issue May 8, 2024
@t8m
Avoid memory leak in x509_test error path
351f06e 
Fixes #23897

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #23991)

(cherry picked from commit 7cbca5a)
openssl-machine pushed a commit that referenced this issue May 8, 2024
@t8m
Avoid memory leak in x509_test error path
fc6c3a9 
Fixes #23897

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #23991)

(cherry picked from commit 7cbca5a)
jvdsn pushed a commit to jvdsn/openssl that referenced this issue Jun 3, 2024
@jvdsn
Avoid memory leak in x509_test error path
309a8cf 
Fixes openssl#23897

Reviewed-by: Neil Horman <nhorman@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from openssl#23991)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vdukhovni vdukhovni

Labels
branch: master Merge to master branch branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 branch: 3.2 Merge to openssl-3.2 branch: 3.3 Merge to openssl-3.3 triaged: bug The issue/pr is/fixes a bug
Projects
Project Board
Status: Done
Milestone
No milestone
5 participants
@nhorman @vdukhovni @t8m @tom-cosgrove-arm @LuMingYinDetect