michaelrsweet / mxml

Tiny XML library.
https://www.msweet.org/mxml
Apache License 2.0

LeakSanitizer: detected memory leaks #305

Closed tianmai1 closed 2 months ago

tianmai1 commented 10 months ago

I had problems using MXML 3.2 when fuzzing codedoc 3.7.

./codedoc poc250
==28384==ERROR: LeakSanitizer: detected memory leaks

Indirect leak of 9064 byte(s) in 103 object(s) allocated from:
    #0 0x7f2d39ba3d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f2d398bf664 in mxml_new /home/tianmai/mxml-3.2/mxml-node.c:841

Indirect leak of 136 byte(s) in 17 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf723 in mxmlNewElement /home/tianmai/mxml-3.2/mxml-node.c:383

Indirect leak of 110 byte(s) in 55 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571

Indirect leak of 64 byte(s) in 4 object(s) allocated from:
    #0 0x7f2d39ba3b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f2d398bbcbe in mxml_set_attr /home/tianmai/mxml-3.2/mxml-attr.c:318

Indirect leak of 47 byte(s) in 8 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x20746e656d00796b  (<unknown module>)

Indirect leak of 39 byte(s) in 3 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bff25 in mxmlSetOpaque /home/tianmai/mxml-3.2/mxml-set.c:207

Indirect leak of 23 byte(s) in 1 object(s) allocated from:
    #0 0x7f2d39ba3b40 in __interceptor_malloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xdeb40)
    #1 0x7f2d393de2ef in __vasprintf_chk (/lib/x86_64-linux-gnu/libc.so.6+0x1342ef)

Indirect leak of 20 byte(s) in 4 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bbcf1 in mxml_set_attr /home/tianmai/mxml-3.2/mxml-attr.c:333

Indirect leak of 20 byte(s) in 3 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x20746e656d007260  (<unknown module>)

Indirect leak of 18 byte(s) in 3 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x4079647062402029  (<unknown module>)

Indirect leak of 14 byte(s) in 2 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x2d202729287260ff  (<unknown module>)

Indirect leak of 13 byte(s) in 3 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bbe87 in mxmlElementSetAttr /home/tianmai/mxml-3.2/mxml-attr.c:220

Indirect leak of 10 byte(s) in 2 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x454340  (<unknown module>)

Indirect leak of 8 byte(s) in 2 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x20746e656d6d0065  (<unknown module>)

Indirect leak of 8 byte(s) in 3 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x6f6f6620666f2064  (<unknown module>)

Indirect leak of 7 byte(s) in 2 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x28735f6174616442  (<unknown module>)

Indirect leak of 5 byte(s) in 1 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x28735f6100454340  (<unknown module>)

Indirect leak of 4 byte(s) in 2 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x735f617461647e39  (<unknown module>)

SUMMARY: AddressSanitizer: 9610 byte(s) leaked in 218 allocation(s).

poc250.zip

michaelrsweet commented 10 months ago

Probably not going to have a chance to investigate this for several weeks at least.

michaelrsweet commented 2 months ago

Codedoc issue, not Mini-XML.
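A triage helper for the LeakSanitizer report in the first comment, added here as an example and not code from Mini-XML or codedoc: it groups each leak record by the first stack frame above the allocator and checks the grouped totals against the SUMMARY line. The function name `triage` is hypothetical, and the excerpt's SUMMARY line is recomputed for the three records it contains.

```python
import re
from collections import defaultdict

RECORD = re.compile(r"(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME = re.compile(r"\s*#\d+ 0x[0-9a-f]+ in (\S+) ")
SUMMARY = re.compile(r"SUMMARY: \w+: (\d+) byte\(s\) leaked in (\d+) allocation\(s\)")
# Allocator entry points: they never identify the code that requested the memory.
ALLOCATORS = {"malloc", "calloc", "realloc", "strdup"}

# Three records copied from the report above; the SUMMARY line is recomputed
# for this excerpt (constructed), since the original covers all 18 records.
SAMPLE = """\
Indirect leak of 9064 byte(s) in 103 object(s) allocated from:
    #0 0x7f2d39ba3d28 in __interceptor_calloc (/usr/lib/x86_64-linux-gnu/libasan.so.4+0xded28)
    #1 0x7f2d398bf664 in mxml_new /home/tianmai/mxml-3.2/mxml-node.c:841

Indirect leak of 110 byte(s) in 55 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571

Indirect leak of 47 byte(s) in 8 object(s) allocated from:
    #0 0x7f2d39b3c538 in strdup (/usr/lib/x86_64-linux-gnu/libasan.so.4+0x77538)
    #1 0x7f2d398bf8ad in mxmlNewText /home/tianmai/mxml-3.2/mxml-node.c:571
    #2 0x20746e656d00796b  (<unknown module>)

SUMMARY: AddressSanitizer: 9221 byte(s) leaked in 166 allocation(s).
"""

def triage(report):
    """Return ({(kind, function): [bytes, objects]}, totals_match_summary)."""
    sites = defaultdict(lambda: [0, 0])
    pending = None    # record header still waiting for its allocation site
    reported = None   # (bytes, allocations) from the SUMMARY line
    for line in report.splitlines():
        if m := RECORD.match(line):
            pending = (m[1], int(m[2]), int(m[3]))
        elif m := SUMMARY.match(line):
            reported = (int(m[1]), int(m[2]))
        elif pending and (m := FRAME.match(line)):
            func = m[1].replace("__interceptor_", "", 1)
            if func not in ALLOCATORS:   # first frame above the allocator
                kind, nbytes, nobjs = pending
                sites[(kind, func)][0] += nbytes
                sites[(kind, func)][1] += nobjs
                pending = None
    # A record with no usable frame is never counted, so the totals disagree.
    total = (sum(b for b, _ in sites.values()), sum(o for _, o in sites.values()))
    return dict(sites), total == reported
```

A `False` second value means the report was truncated or a record had no symbolized frame above the allocator, so the grouping should not be trusted as complete.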