phpdbg memory leaks by option "-h"

[randomssr]

Description

phpdbg memory leaks by misuse of the option "-h"

When the program input contains the option of "-h", the program will cause memory leaks and cause crash.

Test Environment

Ubuntu 20.04, 64 bit PHP (version: 8.0.23)

How to trigger

1. Compile the program with AddressSanitizer $ CC=/home/root/AFLplusplus/afl-clang-fast CXX=/home/root/AFLplusplus/afl-clang-fast++ CFLAGS="-g -O0 -fsanitize=address" CXXFLAGS="-g -O0 -fsanitize=address" ./configure --prefix=pwd/install
2. Run command $ ./phpdbg -h

Details

ASAN report

$ ./phpdbg   -h 
�[1mphpdbg�[0m is a lightweight, powerful and easy to use debugging platform for
PHP5.4+
It supports the following commands:

�[1mInformation�[0m
  �[1mlist�[0m      list PHP source
  �[1minfo�[0m      displays information on the debug session
  �[1mprint�[0m     show opcodes
  �[1mframe�[0m     select a stack frame and print a stack frame summary
  �[1mgenerator�[0m show active generators or select a generator frame
  �[1mback�[0m      shows the current backtrace
  �[1mhelp�[0m      provide help on a topic

�[1mStarting and Stopping Execution�[0m
  �[1mexec�[0m      set execution context
  �[1mstdin�[0m     set executing script from stdin
  �[1mrun�[0m       attempt execution
  �[1mstep�[0m      continue execution until other line is reached
  �[1mcontinue�[0m  continue execution
  �[1muntil�[0m     continue execution up to the given location
  �[1mnext�[0m      continue execution up to the given location and halt on the first
line after it
  �[1mfinish�[0m    continue up to end of the current execution frame
  �[1mleave�[0m     continue up to end of the current execution frame and halt after
the calling instruction
  �[1mbreak�[0m     set a breakpoint at the specified target
  �[1mwatch�[0m     set a watchpoint on $variable
  �[1mclear�[0m     clear one or all breakpoints
  �[1mclean�[0m     clean the execution environment

�[1mMiscellaneous�[0m
  �[1mset�[0m       set the phpdbg configuration
  �[1msource�[0m    execute a phpdbginit script
  �[1mregister�[0m  register a phpdbginit function as a command alias
  �[1msh�[0m        shell a command
  �[1mev�[0m        evaluate some code
  �[1mquit�[0m      exit phpdbg

Type �[1mhelp <command>�[0m or (�[1mhelp alias�[0m) to get detailed help on any of the above

---Type <return> to continue or q <return> to quit---
commands, for example �[1mhelp list�[0m or �[1mh l�[0m.  Note that help will also match
partial commands if unique (and list out options if not unique), so �[1mhelp exp�[0m
will give help on the �[1mexport�[0m command, but �[1mhelp ex�[0m will list the summary for
�[1mexec�[0m and �[1mexport�[0m.

Type �[1mhelp aliases�[0m to show a full alias list, including any registered phpdginit
functions
Type �[1mhelp syntax�[0m for a general introduction to the command syntax.
Type �[1mhelp options�[0m for a list of phpdbg command line options.
Type �[1mhelp phpdbginit�[0m to show how to customise the debugger environment.

requested help page could not be found

=================================================================
==865119==ERROR: LeakSanitizer: detected memory leaks



SUMMARY: AddressSanitizer: 6528 byte(s) leaked in 204 allocation(s).

The complete asan report can be seen from ASANReport

PHP Version

PHP 8.0.23

Operating System

No response

[adsr]

#9713