Closed Bug 1344660 Opened 4 years ago Closed 4 years ago

Direct leak of 18432 byte(s) in ssl3_HandleRecord(), ssl3con.c:12644:14

Categories

(NSS :: Libraries, defect)

defect
Not set
normal

Tracking

(Not tracked)

RESOLVED FIXED

People

(Reporter: ttaubert, Assigned: ttaubert)

References

(Blocks 1 open bug)

Attachments

(1 file)

./nssfuzz-tls-server leak-8344075126119786e47ac682d4b04f03cec27a24
INFO: Seed: 3781990943
INFO: Loaded 0 modules (0 guards): 
./nssfuzz-tls-server: Running 1 inputs 1 time(s) each.
Running: leak-8344075126119786e47ac682d4b04f03cec27a24

=================================================================
==11572==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 18432 byte(s) in 1 object(s) allocated from:
    #0 0x4d0068 in __interceptor_malloc (/home/tim/workspace/dist/Debug/bin/nssfuzz-tls-server+0x4d0068)
    #1 0xbf6109 in PR_Malloc /home/tim/workspace/nspr/Debug/pr/src/malloc/../../../../pr/src/malloc/prmem.c:435:55
    #2 0x725f41 in PORT_Alloc_Util /home/tim/workspace/nss/out/Debug/../../lib/util/secport.c:85:14
    #3 0x5d7b37 in sslBuffer_Grow /home/tim/workspace/nss/out/Debug/../../lib/ssl/sslsecur.c:451:39
    #4 0x664d57 in ssl3_HandleRecord /home/tim/workspace/nss/out/Debug/../../lib/ssl/ssl3con.c:12644:14
    #5 0x6a2db4 in ssl3_GatherCompleteHandshake /home/tim/workspace/nss/out/Debug/../../lib/ssl/ssl3gthr.c:514:22
    #6 0x6a86a2 in ssl_GatherRecord1stHandshake /home/tim/workspace/nss/out/Debug/../../lib/ssl/sslcon.c:78:10
    #7 0x5d34d0 in ssl_Do1stHandshake /home/tim/workspace/nss/out/Debug/../../lib/ssl/sslsecur.c:65:14
    #8 0x5d6ffe in SSL_ForceHandshake /home/tim/workspace/nss/out/Debug/../../lib/ssl/sslsecur.c:414:14
    #9 0x50cfad in DoHandshake(PRFileDesc*) /home/tim/workspace/nss/out/Debug/../../fuzz/tls_server_target.cc:86:10
    #10 0x50cfad in LLVMFuzzerTestOneInput /home/tim/workspace/nss/out/Debug/../../fuzz/tls_server_target.cc:145
    #11 0x51a9f4 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /home/tim/workspace/nss/out/Debug/../../fuzz/libFuzzer/FuzzerLoop.cpp:553:13
    #12 0x51b369 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long) /home/tim/workspace/nss/out/Debug/../../fuzz/libFuzzer/FuzzerLoop.cpp:504:3
    #13 0x549c27 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /home/tim/workspace/nss/out/Debug/../../fuzz/libFuzzer/FuzzerDriver.cpp:268:6
    #14 0x54f52c in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /home/tim/workspace/nss/out/Debug/../../fuzz/libFuzzer/FuzzerDriver.cpp:517:9
    #15 0x52a572 in main /home/tim/workspace/nss/out/Debug/../../fuzz/libFuzzer/FuzzerMain.cpp:20:10
    #16 0x7fb687148290 in __libc_start_main (/usr/lib/libc.so.6+0x20290)

SUMMARY: AddressSanitizer: 18432 byte(s) leaked in 1 allocation(s).
Assignee: nobody → ttaubert
Status: NEW → ASSIGNED
Blocks: 1339768
Duplicate of this bug: 576983
https://hg.mozilla.org/projects/nss/rev/957eee268a09
Status: ASSIGNED → RESOLVED
Closed: 4 years ago
Resolution: --- → FIXED
Target Milestone: --- → 3.31