]> git.ipfire.org Git - thirdparty/suricata.git/commitdiff
projects / thirdparty / suricata.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 48b4494)
conf: Memory-leak in DetectAddressTestConfVars
authorWolfgang Hotwagner <code@feedyourhead.at>
Fri, 8 Dec 2017 21:05:29 +0000 (21:05 +0000)
committerVictor Julien <victor@inliniac.net>
Tue, 30 Jan 2018 09:32:16 +0000 (10:32 +0100)
There is a memory-leak in DetectAddressTestConfVars. If the programm takes the "goto error"-path, the pointers gh and ghn will not be freed. This commit fixes bug #2345. Here is the ASAN-output:

=================================================================
ERROR: LeakSanitizer: detected memory leaks

Direct leak of 24 byte(s) in 1 object(s) allocated from:
0 0x7f4347cb1d28 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1d28)
1 0x55fe1fc8dcfc in DetectAddressHeadInit /root/suricata-1/src/detect-engine-address.c:1534
2 0x55fe1fc8c50a in DetectAddressTestConfVars /root/suricata-1/src/detect-engine-address.c:1306
3 0x55fe1ff356bd in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2696
4 0x55fe1ff365eb in main /root/suricata-1/src/suricata.c:2884
5 0x7f43443892b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)

Direct leak of 24 byte(s) in 1 object(s) allocated from:
0 0x7f4347cb1d28 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.3+0xc1d28)
1 0x55fe1fc8dcfc in DetectAddressHeadInit /root/suricata-1/src/detect-engine-address.c:1534
2 0x55fe1fc8c524 in DetectAddressTestConfVars /root/suricata-1/src/detect-engine-address.c:1310
3 0x55fe1ff356bd in PostConfLoadedSetup /root/suricata-1/src/suricata.c:2696
4 0x55fe1ff365eb in main /root/suricata-1/src/suricata.c:2884
5 0x7f43443892b0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202b0)

SUMMARY: AddressSanitizer: 48 byte(s) leaked in 2 allocation(s).

src/detect-engine-address.c patch | blob | blame | history

diff --git a/src/detect-engine-address.c b/src/detect-engine-address.c
index 694a764aca384f5fc362acf85131cab3f15564ed..6bedb2eeee371e8ab19ccfb665c815fbb385acfe 100644 (file)
--- a/src/detect-engine-address.c
+++ b/src/detect-engine-address.c
@@ -1299,15 +1299,18 @@ int DetectAddressTestConfVars(void)
         return 0;
     }
 
+    DetectAddressHead *gh = NULL;
+    DetectAddressHead *ghn = NULL;
+
     ConfNode *seq_node;
     TAILQ_FOREACH(seq_node, &address_vars_node->head, next) {
         SCLogDebug("Testing %s - %s", seq_node->name, seq_node->val);
 
-        DetectAddressHead *gh = DetectAddressHeadInit();
+        gh = DetectAddressHeadInit();
         if (gh == NULL) {
             goto error;
         }
-        DetectAddressHead *ghn = DetectAddressHeadInit();
+        ghn = DetectAddressHeadInit();
         if (ghn == NULL) {
             goto error;
         }
@@ -1340,14 +1343,22 @@ int DetectAddressTestConfVars(void)
             goto error;
         }
 
-        if (gh != NULL)
+        if (gh != NULL) {
             DetectAddressHeadFree(gh);
-        if (ghn != NULL)
+            gh = NULL;
+        }
+        if (ghn != NULL) {
             DetectAddressHeadFree(ghn);
+            ghn = NULL;
+        }
     }
 
     return 0;
  error:
+    if (gh != NULL)
+        DetectAddressHeadFree(gh);
+    if (ghn != NULL)
+        DetectAddressHeadFree(ghn);
     return -1;
 }
 
Mirror of https://github.com/OISF/suricata.git