Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fix a memory leak in X509_issuer_and_serial_hash [1.1.1] #18370

Closed
wants to merge 1 commit into from
Closed

Fix a memory leak in X509_issuer_and_serial_hash [1.1.1] #18370

wants to merge 1 commit into from

Commits on May 21, 2022

  1. Fix a memory leak in X509_issuer_and_serial_hash 

    This is reproducible with my error injection patch:

$ ERROR_INJECT=1653267699 ../util/shlib_wrap.sh ./x509-test ./corpora/x509/5f4034ae85d6587dcad4da3e812e80f3d312894d
ERROR_INJECT=1653267699
    #0 0x7fd485a6ad4f in __sanitizer_print_stack_trace ../../../../src/libsanitizer/asan/asan_stack.cc:36
    openssl#1 0x55c12d268724 in my_malloc fuzz/test-corpus.c:114
    openssl#2 0x7fd484f51a75 in CRYPTO_zalloc crypto/mem.c:230
    openssl#3 0x7fd484ed778d in EVP_DigestInit_ex crypto/evp/digest.c:139
    openssl#4 0x7fd4850a9849 in X509_issuer_and_serial_hash crypto/x509/x509_cmp.c:44
    openssl#5 0x55c12d268951 in FuzzerTestOneInput fuzz/x509.c:44
    openssl#6 0x55c12d268239 in testfile fuzz/test-corpus.c:182
    openssl#7 0x55c12d267c7f in main fuzz/test-corpus.c:226
    openssl#8 0x7fd483a42082 in __libc_start_main ../csu/libc-start.c:308
    openssl#9 0x55c12d267e5d in _start (/home/ed/OPCToolboxV5/Source/Core/OpenSSL/openssl/fuzz/x509-test+0x3e5d)

=================================================================
==1058475==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 268 byte(s) in 1 object(s) allocated from:
    #0 0x7fd485a5dc3e in __interceptor_realloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:163
    openssl#1 0x7fd484d2eb9b in BUF_MEM_grow crypto/buffer/buffer.c:97
    openssl#2 0x7fd4850b2913 in X509_NAME_oneline crypto/x509/x509_obj.c:43
    openssl#3 0x7fd4850a982f in X509_issuer_and_serial_hash crypto/x509/x509_cmp.c:41
    openssl#4 0x55c12d268951 in FuzzerTestOneInput fuzz/x509.c:44
    openssl#5 0x55c12d268239 in testfile fuzz/test-corpus.c:182
    openssl#6 0x55c12d267c7f in main fuzz/test-corpus.c:226
    openssl#7 0x7fd483a42082 in __libc_start_main ../csu/libc-start.c:308

SUMMARY: AddressSanitizer: 268 byte(s) leaked in 1 allocation(s).
    @bernd-edlinger
    bernd-edlinger committed May 21, 2022
    Configuration menu
    Copy the full SHA
    e6e0acb View commit details
    Browse the repository at this point in the history