
Memory leak in sapi/fuzzer/fuzzer-unserializehash.c, sapi/fuzzer/fuzzer-unserialize.c, sapi/fuzzer/fuzzer-json.c, sapi/fuzzer/fuzzer-mbregex.c detected by cppchecker #18081

Closed
Lung-Alexandra opened this issue Mar 15, 2025 · 0 comments

Lung-Alexandra commented Mar 15, 2025

Description

I have detected a potential memory leak in sapi/fuzzer/fuzzer-unserializehash.c (line 43), sapi/fuzzer/fuzzer-unserialize.c (line 38), sapi/fuzzer/fuzzer-json.c (line 39) and sapi/fuzzer/fuzzer-mbregex.c (line 39).

I ran Cppcheck on the fuzzer components and discovered several memory leaks. The issue is caused by the memory allocated for orig_data / data not being freed when fuzzer_request_startup() returns FAILURE. This happens because the function returns immediately without calling free(orig_data) / free(data), leading to a memory leak.

CppCheck Error Message:

fuzzer-json.c:39:3: error: Memory leak: data [memleak]
  return 0;
fuzzer-mbregex.c:39:3: error: Memory leak: data [memleak]
  return 0;
fuzzer-unserialize.c:38:3: error: Memory leak: orig_data [memleak]
  return 0;
fuzzer-unserializehash.c:43:3: error: Memory leak: orig_data [memleak]
  return 0;

I will submit a pull request with a fix shortly.

PHP Version

PHP 8.3

Operating System

No response
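The pattern the report describes, as an added stand-alone example (not code from the php-src repository): a libFuzzer-style entry point that copies the input into a NUL-terminated heap buffer, then returns early when request startup fails. `fuzzer_request_startup()` and `fuzzer_request_shutdown()` here are hypothetical stubs controlled by a global so both outcomes can be exercised; the tracked malloc/free wrappers and the sample input are constructed for the example so the leak is observable without a sanitizer.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

#define SUCCESS 0
#define FAILURE (-1)

/* Hypothetical stand-ins for the PHP fuzzer SAPI helpers (not the real ones):
 * the global lets a caller force the startup result. */
static int g_startup_result = SUCCESS;
static int fuzzer_request_startup(void) { return g_startup_result; }
static void fuzzer_request_shutdown(void) {}

/* Allocation accounting: counts buffers that are still live, so a leak
 * shows up as a non-zero count after the harness returns. */
static size_t g_live_allocs = 0;
static void *tracked_malloc(size_t n) {
    void *p = malloc(n);
    if (p) g_live_allocs++;
    return p;
}
static void tracked_free(void *p) {
    if (p) { g_live_allocs--; free(p); }
}

/* Leaky harness: the early return on FAILURE skips the free() at the end. */
static int LLVMFuzzerTestOneInput_leaky(const uint8_t *Data, size_t Size) {
    char *data = tracked_malloc(Size + 1);
    if (!data) return 0;
    memcpy(data, Data, Size);
    data[Size] = '\0';

    if (fuzzer_request_startup() == FAILURE) {
        return 0;            /* data is never freed on this path */
    }

    /* ... the target (json decode, unserialize, mbregex) would consume data here ... */

    fuzzer_request_shutdown();
    tracked_free(data);
    return 0;
}

/* Fixed harness: release the buffer before every return. */
static int LLVMFuzzerTestOneInput_fixed(const uint8_t *Data, size_t Size) {
    char *data = tracked_malloc(Size + 1);
    if (!data) return 0;
    memcpy(data, Data, Size);
    data[Size] = '\0';

    if (fuzzer_request_startup() == FAILURE) {
        tracked_free(data);  /* the one-line fix */
        return 0;
    }

    /* ... target code consumes data here ... */

    fuzzer_request_shutdown();
    tracked_free(data);
    return 0;
}

/* Runs a harness once with the startup result forced to `startup_result`
 * and returns how many tracked buffers are still live afterwards
 * (0 means no leak, 1 means the input copy was leaked). */
static size_t leaked_after(int (*harness)(const uint8_t *, size_t), int startup_result) {
    static const uint8_t sample[] = "{\"k\":[1,2,3]}";  /* constructed input */
    g_live_allocs = 0;
    g_startup_result = startup_result;
    harness(sample, sizeof sample - 1);
    return g_live_allocs;
}

int main(void) {
    /* Leaky harness loses one buffer per rejected input; fixed harness loses none. */
    return (leaked_after(LLVMFuzzerTestOneInput_leaky, FAILURE) == 1 &&
            leaked_after(LLVMFuzzerTestOneInput_fixed, FAILURE) == 0) ? 0 : 1;
}
```

An equivalent fix is to move the allocation below the startup check so there is nothing to free on the failure path. Either way the point is practical rather than cosmetic: a fuzzer binary runs millions of iterations in one process, so a per-input leak on a rejected path steadily inflates RSS, and when the harness is built with LeakSanitizer (the usual libFuzzer configuration) the leak is reported as a crash, burying any real leak the target itself may have.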
