openvswitch / ovs-issues

Issue tracker repo for Open vSwitch

memory leak exists in the function ovs_pcap_open #315

Closed ccccgb closed 6 months ago

ccccgb commented 7 months ago

project

https://www.openvswitch.org/download/ version:2.17.8

os info

Ubuntu 18.04 LTS

poc

poc.zip

build

wget https://www.openvswitch.org/releases/openvswitch-2.17.8.tar.gz
./configure CFLAGS="-g -O2 -fno-omit-frame-pointer -fno-common"
make
./tests/ovstest test-flows ./poc @@

ASAN Info

./tests/ovstest test-flows ./poc @@
2023-12-18T07:25:24Z|00001|pcap|WARN|@@: failed to open pcap file for reading (No such file or directory)
test-flows: failed to open @@ (No such file or directory)

=================================================================
==3820990==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x499dcd in malloc (/home/ubuntu/ovs/tests/ovstest+0x499dcd)
#1 0x826df7 in xmalloc__ /home/ubuntu/ovs/lib/util.c:137:15
#2 0x826df7 in xmalloc /home/ubuntu/ovs/lib/util.c:172:12
#3 0x7ab6e3 in ovs_pcap_open /home/ubuntu/final/ovs/lib/pcap-file.c:83:14
#4 0x509c18 in test_flows_main /home/ubuntu/ovs/tests/test-flows.c:51:12
#5 0x509c18 in ovstest_wrapper_test_flows_main__ /home/ubuntu/ovs/tests/test-flows.c:101:1
#6 0x57a2ba in ovs_cmdl_run_command__ /home/ubuntu/ctf_comp/ovs/lib/command-line.c:247:17
#7 0x4c9fb1 in main /home/ubuntu/ovs/tests/ovstest.c:133:9
#8 0x7ffff78d2082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16

SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
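
The shape the report above points at (a handle allocated inside the open routine, then a failed file open) shown beside the corrected error path, as an added C sketch that is not part of the original thread and is not OVS source. `struct reader`, the `reader_open_*` functions, the counting allocator and the file path are all constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>

struct reader { FILE *file; size_t resume; };  /* constructed, not the OVS struct */

static int live;     /* allocations not yet freed */
static void *last;   /* most recent allocation, so the demo can reclaim a leak */

static void *counted_malloc(size_t n)
{
    void *p = malloc(n);
    if (!p) abort();
    live++;
    return last = p;
}
static void counted_free(void *p) { if (p) { live--; free(p); } }

/* Leaky shape: the handle is allocated first, and the failure path returns
 * NULL without releasing it, so the caller has no pointer left to free. */
struct reader *reader_open_leaky(const char *path)
{
    struct reader *r = counted_malloc(sizeof *r);
    r->file = fopen(path, "rb");
    if (!r->file) return NULL;
    r->resume = 0;
    return r;
}

/* Corrected shape: every early return releases what was acquired so far. */
struct reader *reader_open_fixed(const char *path)
{
    struct reader *r = counted_malloc(sizeof *r);
    r->file = fopen(path, "rb");
    if (!r->file) { counted_free(r); return NULL; }
    r->resume = 0;
    return r;
}

/* Number of allocations left behind by one failed open of a missing file. */
int leaked_by(struct reader *(*open_fn)(const char *))
{
    int before = live;
    struct reader *r = open_fn("/nonexistent/constructed.pcap");
    if (r) { fclose(r->file); counted_free(r); }
    int leaked = live - before;
    if (leaked) counted_free(last);   /* reclaim so the demo itself exits clean */
    return leaked;
}

int main(void)
{
    printf("leaky: %d\n", leaked_by(reader_open_leaky));
    printf("fixed: %d\n", leaked_by(reader_open_fixed));
    return 0;
}
```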

igsilya commented 6 months ago

Hi, @dddduge. Are you sure you're running OVS 2.17? The issue you described is supposed to have been fixed long ago in commit https://github.com/openvswitch/ovs/commit/3168f328c78cf6e4b3022940452673b0e49f7620.

risicle commented 6 months ago

FWIW CVE-2024-22563 has been assigned to this issue.

igsilya commented 6 months ago

@risicle what is the reason for requesting this CVE? The issue was fixed in 2021, and it doesn't affect users, since it was present in test-related code only. It is not reproducible with 2.17.8 or earlier versions of OVS 2.17.

FWIW, the process [1] for security-related issues is to send a report to security@openvswitch.org instead of reporting publicly on GitHub; the OVS security team can then assess the issue, decide if it is indeed a security issue, and request a CVE allocation for it.

[1] https://docs.openvswitch.org/en/latest/internals/security/

igsilya commented 6 months ago

Closing this issue, as it doesn't actually exist in any supported version of Open vSwitch. (And it doesn't exist in 2.17.8.)

risicle commented 6 months ago

I did not request the CVE, I'm merely telling you that there is a CVE pointing here. I have nothing else to do with it.

igsilya commented 6 months ago

@risicle Ack. Sorry, I assumed you were the requester. Thanks for the information.

Will try to get some clarification from a CNA.