nokiatech / heif

High Efficiency Image File Format

Alloc-dealloc-mismatch in iteminfobox.cpp:127:5 #88

Closed (seviezhou closed this 4 years ago)

seviezhou commented 4 years ago

System info

Ubuntu X64, gcc (Ubuntu 5.5.0-12ubuntu1), heif (latest master 2fc78e)

Configure

cmake ../srcs -DCMAKE_CXX_FLAGS="-fsanitize=address -g" -DCMAKE_C_FLAGS="-fsanitize=address -g" -DCMAKE_EXE_LINKER_FLAGS="-fsanitize=address"

Command line

Modify example.cpp to use example7(), which takes the filename from the command line.

./build/bin/example @@

AddressSanitizer output

=================================================================
==36085==ERROR: AddressSanitizer: alloc-dealloc-mismatch (malloc vs operator delete) on 0x60c000000040
    #0 0x51bac0 in operator delete(void*) /home/seviezhou/llvm-6.0.0/projects/compiler-rt/lib/asan/asan_new_delete.cc:149
    #1 0x739be0 in std::_Sp_counted_ptr<FDItemInfoExtension*, (__gnu_cxx::_Lock_policy)2>::_M_dispose() /usr/lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr_base.h:377:9
    #2 0x5b2a1f in std::_Sp_counted_base<(__gnu_cxx::_Lock_policy)2>::_M_release() /usr/lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr_base.h:155:6
    #3 0x734570 in std::__shared_count<(__gnu_cxx::_Lock_policy)2>::~__shared_count() /usr/lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr_base.h:728:11
    #4 0x734570 in std::__shared_ptr<ItemInfoExtension, (__gnu_cxx::_Lock_policy)2>::~__shared_ptr() /usr/lib/gcc/x86_64-linux-gnu/8/../../../../include/c++/8/bits/shared_ptr_base.h:1167
    #5 0x734570 in ItemInfoEntry::~ItemInfoEntry() /home/seviezhou/heif/srcs/common/iteminfobox.cpp:143
    #6 0x733188 in ItemInfoBox::parseBox(ISOBMFF::BitStream&) /home/seviezhou/heif/srcs/common/iteminfobox.cpp:127:5
    #7 0x767976 in MetaBox::parseBox(ISOBMFF::BitStream&) /home/seviezhou/heif/srcs/common/metabox.cpp:278:26
    #8 0x544693 in HEIF::HeifReaderImpl::handleMeta(HEIF::StreamIO&) /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:559:17
    #9 0x530462 in HEIF::HeifReaderImpl::readStream() /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:846:37
    #10 0x52c863 in HEIF::HeifReaderImpl::initialize(HEIF::StreamInterface*) /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:120:31
    #11 0x52c2a1 in HEIF::HeifReaderImpl::initialize(char const*) /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:94:14
    #12 0x51f2f3 in main /home/seviezhou/heif/srcs/examples/example.cpp:41:17
    #13 0x7fcc5100b83f in __libc_start_main /build/glibc-e6zv40/glibc-2.23/csu/../csu/libc-start.c:291
    #14 0x41f0b8 in _start (/home/seviezhou/heif/build/bin/example+0x41f0b8)

0x60c000000040 is located 0 bytes inside of 120-byte region [0x60c000000040,0x60c0000000b8)
allocated by thread T0 here:
    #0 0x4e32c8 in __interceptor_malloc /home/seviezhou/llvm-6.0.0/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
    #1 0x7334e4 in ItemInfoEntry::parseBox(ISOBMFF::BitStream&) /home/seviezhou/heif/srcs/common/iteminfobox.cpp:305:33
    #2 0x767976 in MetaBox::parseBox(ISOBMFF::BitStream&) /home/seviezhou/heif/srcs/common/metabox.cpp:278:26
    #3 0x544693 in HEIF::HeifReaderImpl::handleMeta(HEIF::StreamIO&) /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:559:17
    #4 0x530462 in HEIF::HeifReaderImpl::readStream() /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:846:37
    #5 0x52c863 in HEIF::HeifReaderImpl::initialize(HEIF::StreamInterface*) /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:120:31
    #6 0x52c2a1 in HEIF::HeifReaderImpl::initialize(char const*) /home/seviezhou/heif/srcs/reader/heifreaderimpl.cpp:94:14
    #7 0x7fcc5100b83f in __libc_start_main /build/glibc-e6zv40/glibc-2.23/csu/../csu/libc-start.c:291

SUMMARY: AddressSanitizer: alloc-dealloc-mismatch /home/seviezhou/llvm-6.0.0/projects/compiler-rt/lib/asan/asan_new_delete.cc:149 in operator delete(void*)
==36085==HINT: if you don't care about these errors you may set ASAN_OPTIONS=alloc_dealloc_mismatch=0
==36085==ABORTING

POC

alloc-dealloc-mismatch-parseBox-iteminfobox-127.zip
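The ASan trace above says where the two halves of the mismatch live: the region is allocated with malloc() in ItemInfoEntry::parseBox (frame #1 of the allocation stack), and it is released by operator delete from the std::shared_ptr<ItemInfoExtension> destructor when ItemInfoEntry is destroyed during ItemInfoBox::parseBox. The following is an added illustration, not code from the heif project: the class, function and deleter names (Extension, MallocDeleter, make_extension_malloc, parse_and_release) are hypothetical stand-ins. It shows the pattern that produces this report, and two ways to make the deallocation match the allocation: allocate with new/make_shared so the default `delete` is correct, or keep malloc() and give the shared_ptr a custom deleter that runs the destructor and calls free().

```cpp
// Added example (not heif project code). Names are hypothetical.
// Demonstrates the "alloc-dealloc-mismatch (malloc vs operator delete)" pattern
// reported by AddressSanitizer and two matching-deleter fixes.
#include <cstdlib>
#include <memory>
#include <new>
#include <string>
#include <vector>

// Hypothetical parsed-box payload, a stand-in for an item info extension.
struct Extension {
    std::string type;
    std::vector<unsigned char> payload;
};

// Instrumentation so a caller can verify every custom deleter ran.
static int g_free_deleter_calls = 0;

// BROKEN pattern, shown for comparison and never called by this program:
// std::shared_ptr<T>(T*) uses `delete p` by default, so handing it an object
// that lives in malloc()'d memory is exactly what ASan flags as
// "alloc-dealloc-mismatch (malloc vs operator delete)".
std::shared_ptr<Extension> mismatched_owner_do_not_use() {
    void* raw = std::malloc(sizeof(Extension));   // C allocation
    Extension* ext = new (raw) Extension();       // placement-new into it
    return std::shared_ptr<Extension>(ext);       // default deleter -> delete: mismatch
}

// FIX 1: let the C++ runtime own both halves. make_shared allocates with
// operator new and releases with the matching operator delete.
std::shared_ptr<Extension> make_extension_new(const std::string& type) {
    return std::make_shared<Extension>(Extension{type, {}});
}

// FIX 2: keep malloc(), but pair it with a deleter that ends the object's
// lifetime and then returns the memory to the allocator that produced it.
struct MallocDeleter {
    void operator()(Extension* p) const noexcept {
        if (p == nullptr) return;
        p->~Extension();   // run the destructor explicitly (placement-new object)
        std::free(p);      // free() matches the malloc() in make_extension_malloc
        ++g_free_deleter_calls;
    }
};

std::shared_ptr<Extension> make_extension_malloc(const std::string& type) {
    void* raw = std::malloc(sizeof(Extension));
    if (raw == nullptr) throw std::bad_alloc();
    Extension* ext = new (raw) Extension{type, {}};
    return std::shared_ptr<Extension>(ext, MallocDeleter{});
}

// Mirrors the shape of the report: a container box owns many entries, each
// holding a shared_ptr to its extension. When the container is destroyed,
// each extension must be released through the deleter that matches its
// allocation. Returns how many custom deleters ran (expected: entry_count).
int parse_and_release(int entry_count) {
    g_free_deleter_calls = 0;
    {
        std::vector<std::shared_ptr<Extension>> entries;
        for (int i = 0; i < entry_count; ++i) {
            // "ext-example" is a constructed label, not a real box type.
            entries.push_back(make_extension_malloc("ext-example"));
        }
        // entries goes out of scope here; every MallocDeleter runs exactly once
    }
    return g_free_deleter_calls;
}

int main() {
    // Both fixed forms are clean under -fsanitize=address.
    auto a = make_extension_new("ext-example");
    auto b = make_extension_malloc("ext-example");
    return (a->type == b->type && parse_and_release(8) == 8) ? 0 : 1;
}
```

Under the build flags from the report (-fsanitize=address -g), either fixed form is silent, while the mismatched form reports at the point the last shared_ptr copy is destroyed, which is why the trace above attributes the error to the ItemInfoEntry destructor rather than to the allocation site. The ASAN_OPTIONS hint in the output disables only the check, not the underlying undefined behaviour, so it is not a fix.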

lassehe commented 4 years ago

Thank you for reporting this. Fix for this was included in commit b26a7086cb3eba61872f44c7902c54417f1084d5.