Skip to content

Commit

Permalink
Fix another memory leak reported in CIFuzz
Browse files Browse the repository at this point in the history
Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3
    #1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12
    #2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11
    #3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45
    #4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12
    #5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5
    #6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12
    #7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp
    #8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6
    #9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp
    #10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
    #11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2)

Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from openssl#16813)

(cherry picked from commit 19b30f1)
  • Loading branch information
bernd-edlinger committed Oct 14, 2021
1 parent 7c88260 commit 09fc342
Show file tree
Hide file tree
Showing 2 changed files with 6 additions and 2 deletions.
7 changes: 5 additions & 2 deletions crypto/conf/conf_api.c
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,11 @@ IMPLEMENT_LHASH_DOALL_ARG_CONST(CONF_VALUE, LH_CONF_VALUE);

void _CONF_free_data(CONF *conf)
{
if (conf == NULL || conf->data == NULL)
if (conf == NULL)
return;

OPENSSL_free(conf->includedir);
if (conf->data == NULL)
return;

/* evil thing to make sure the 'OPENSSL_free()' works as expected */
Expand All @@ -147,7 +151,6 @@ void _CONF_free_data(CONF *conf)
* with
*/

OPENSSL_free(conf->includedir);
lh_CONF_VALUE_doall(conf->data, value_free_stack_doall);
lh_CONF_VALUE_free(conf->data);
}
Expand Down
1 change: 1 addition & 0 deletions crypto/conf/conf_def.c
Original file line number Diff line number Diff line change
Expand Up @@ -424,6 +424,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line)
if (!parsebool(pval, &conf->flag_abspath))
goto err;
} else if (strcmp(p, "includedir") == 0) {
OPENSSL_free(conf->includedir);
if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) {
ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE);
goto err;
Expand Down

0 comments on commit 09fc342

Please sign in to comment.