Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Memory leak detected #67

Closed
fCorleone opened this issue Jul 14, 2018 · 3 comments
Closed

Memory leak detected #67

fCorleone opened this issue Jul 14, 2018 · 3 comments
Assignees
@saitoha
Labels
bug

Comments

@fCorleone
Copy link

Memory leaks detected when running program sixel2png the input file is map8.six, with address sanitizer.

=================================================================
==8599==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 65536 byte(s) in 1 object(s) allocated from:
    #0 0x7fe68bb70602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x7fe68b87cae8 in sixel_decoder_decode /home/mfc_fuzz/libsixel/src/decoder.c:277

Direct leak of 1302 byte(s) in 1 object(s) allocated from:
    #0 0x7fe68bb70602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x7fe68b790377 in image_buffer_resize /home/mfc_fuzz/libsixel/src/fromsixel.c:292

Direct leak of 24 byte(s) in 1 object(s) allocated from:
    #0 0x7fe68bb70602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x7fe68b798631 in sixel_decode_raw /home/mfc_fuzz/libsixel/src/fromsixel.c:887
@fCorleone
Copy link
Author

Another memory leak detected .

=================================================================
==8561==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x7fc7ef07b602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
    #1 0x7fc7eed9c9ba in sixel_allocator_new /home/mfc_fuzz/libsixel/src/allocator.c:75

The program I ran is img2sixel and the input file is map8.png.

@saitoha saitoha self-assigned this Jul 15, 2018
@saitoha saitoha added the bug label Jul 15, 2018
@fgeek
Copy link

fgeek commented Jul 19, 2018
edited
Loading

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14072 and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14073 has been assigned for these issues (not requested by me). This is also tracked in Debian: https://bugs.debian.org/903858

saitoha added a commit that referenced this issue Jul 22, 2018
@saitoha
Fix memory leak problems reported in #67
f94bc6f 
#67
@saitoha
Copy link
Owner

saitoha commented Jul 22, 2018

@fCorleone @fgeek Thanks for reporting!

@saitoha saitoha closed this as completed Jul 22, 2018
willysr pushed a commit to SlackBuildsOrg/slackbuilds that referenced this issue Jul 28, 2018
@willysr
libraries/libsixel: Updated for version 1.8.2.
2701a4b 
This fixes CVE-2018-14072 and CVE-2018-14073.
  saitoha/libsixel#67
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14072
  https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14073
(* Security fix *)

Signed-off-by: David Spencer <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@saitoha saitoha

Labels
bug
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@fgeek @saitoha @fCorleone