How to reproduce
Using the prepared patch file reproduce.patch for better illustration:
patch -p1 < reproduce.patch
Compile:
make
Start the server:
./bin/server/server_ftp.out
Start the client to establish the connection and exit immediately:
timeout 1s ./bin/client/client_ftp.out
Then, the server will crash with an AddressSanitizer report:
=================================================================
==1199805==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 512 byte(s) in 1 object(s) allocated from:
#0 0x55ec05154f7e in __interceptor_malloc (/root/projects/FTP/bin/server/server_ftp.out+0xa6f7e) (BuildId: 66b4d91f9c39c73e3399c16f9d667ddf369a1250)
#1 0x55ec05192071 in serve_client /root/projects/FTP/server_ftp.c:53:41
#2 0x55ec05191e28 in main /root/projects/FTP/server_ftp.c:40:2
#3 0x7f6b1e895d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x23d09) (BuildId: b503275bf9fee51581fdceef97533b194035b4f7)
Direct leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x55ec05154f7e in __interceptor_malloc (/root/projects/FTP/bin/server/server_ftp.out+0xa6f7e) (BuildId: 66b4d91f9c39c73e3399c16f9d667ddf369a1250)
#1 0x55ec0518f917 in client_info_alloc /root/projects/FTP/server_ftp_functions.c:7:49
#2 0x55ec05191e15 in main /root/projects/FTP/server_ftp.c:39:27
#3 0x7f6b1e895d09 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x23d09) (BuildId: b503275bf9fee51581fdceef97533b194035b4f7)
SUMMARY: AddressSanitizer: 520 byte(s) leaked in 2 allocation(s).
Bug analysis
The server uses the function serve_client to handle each connection from the client:
FTP/server_ftp.c
Lines 32 to 41 in 96c1a35
In the function serve_client, the memory allocated via malloc is never freed, causing a memory leak.
FTP/server_ftp.c
Line 53 in 96c1a35
This bug can cause denial-of-service.
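The leak pattern this report describes, next to a handler that releases its buffer on every exit, as an added example that is not the project's code. Only the serve_client name and the 512-byte size come from the report; the handler bodies, the allocation counter and the socketpair harness are constructed here.

```c
#include <stdio.h>
#include <stdlib.h>
#include <sys/socket.h>
#include <unistd.h>

#define BUF_LEN 512              /* same size as the 512-byte leak in the report */
static long  live_allocs;        /* constructed counter of outstanding buffers */
static void *last_alloc;         /* lets the harness release what a handler leaked */
static void *xmalloc(size_t n) { void *p = malloc(n); if (p) { live_allocs++; last_alloc = p; } return p; }
static void  xfree(void *p)    { if (p) { live_allocs--; free(p); } }

/* Leaky shape: the buffer is allocated per connection and never released. */
static int serve_client_leaky(int fd)
{
    char *buf = xmalloc(BUF_LEN);
    if (!buf) return -1;
    while (recv(fd, buf, BUF_LEN, 0) > 0) { /* command handling would go here */ }
    return 0;                    /* peer closed: buf is lost */
}

/* Fixed shape: the buffer is released whether the loop ends on disconnect or error. */
static int serve_client_fixed(int fd)
{
    ssize_t n = -1;
    char *buf = xmalloc(BUF_LEN);
    if (!buf) return -1;
    while ((n = recv(fd, buf, BUF_LEN, 0)) > 0) { /* command handling would go here */ }
    xfree(buf);
    return n == 0 ? 0 : -1;      /* 0 means an orderly disconnect */
}

/* Simulates a client that connects and exits at once; returns buffers left allocated. */
static long leaked_by(int (*handler)(int))
{
    int sv[2];
    long before = live_allocs, leaked;
    if (socketpair(AF_UNIX, SOCK_STREAM, 0, sv) != 0) return -1;
    close(sv[1]);                /* client side goes away immediately */
    handler(sv[0]);
    close(sv[0]);
    leaked = live_allocs - before;
    if (leaked > 0) xfree(last_alloc);   /* keep the demo itself leak-free */
    return leaked;
}

int main(void)
{
    printf("leaky: %ld  fixed: %ld\n", leaked_by(serve_client_leaky), leaked_by(serve_client_fixed));
    return 0;
}
```

In a server that stays up, the leaky shape loses one buffer per connection, which is how repeated short-lived connections turn into memory exhaustion.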