openvswitch / ovs-issues

Issue tracker repo for Open vSwitch

memory leak exists in the function ovs_pcap_open #315

Closed ccccgb closed 10 months ago

ccccgb commented 11 months ago

project

https://www.openvswitch.org/download/ version:2.17.8

os info

Ubuntu 18.04 LTS

poc

poc.zip

build

wget https://www.openvswitch.org/releases/openvswitch-2.17.8.tar.gz
./configure CFLAGS="-g -O2 -fno-omit-frame-pointer -fno-common"
make
./tests/ovstest test-flows ./poc @@

ASAN Info

./tests/ovstest test-flows ./poc @@
2023-12-18T07:25:24Z|00001|pcap|WARN|@@: failed to open pcap file for reading (No such file or directory)
test-flows: failed to open @@ (No such file or directory)

=================================================================
==3820990==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x499dcd in malloc (/home/ubuntu/ovs/tests/ovstest+0x499dcd)
#1 0x826df7 in xmalloc__ /home/ubuntu/ovs/lib/util.c:137:15
#2 0x826df7 in xmalloc /home/ubuntu/ovs/lib/util.c:172:12
#3 0x7ab6e3 in ovs_pcap_open /home/ubuntu/final/ovs/lib/pcap-file.c:83:14
#4 0x509c18 in test_flows_main /home/ubuntu/ovs/tests/test-flows.c:51:12
#5 0x509c18 in ovstest_wrapper_test_flows_main__ /home/ubuntu/ovs/tests/test-flows.c:101:1
#6 0x57a2ba in ovs_cmdl_run_command__ /home/ubuntu/ctf_comp/ovs/lib/command-line.c:247:17
#7 0x4c9fb1 in main /home/ubuntu/ovs/tests/ovstest.c:133:9
#8 0x7ffff78d2082 in __libc_start_main /build/glibc-SzIz7B/glibc-2.31/csu/../csu/libc-start.c:308:16

SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s).
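
The pattern the trace above points to, as an added example that is not part of the original report or the OVS source: a handle is allocated, the open fails, and the error path returns without freeing it. `struct pcap_handle`, `open_pcap` and the tracking helpers are hypothetical, and the sketch assumes the leaked 16 bytes are the handle allocated before the failed open.

```c
#include <stdio.h>
#include <stdlib.h>

#define MAX_LIVE 8
static void *live[MAX_LIVE];           /* allocations not yet freed */

static void *tracked_malloc(size_t n)
{
    void *p = malloc(n);
    if (!p) abort();
    for (int i = 0; i < MAX_LIVE; i++)
        if (!live[i]) { live[i] = p; return p; }
    abort();                           /* tracking table full */
}

static void tracked_free(void *p)
{
    for (int i = 0; i < MAX_LIVE; i++)
        if (live[i] == p) { live[i] = NULL; break; }
    free(p);
}

/* Hypothetical stand-in for the handle allocated before the file is opened. */
struct pcap_handle { FILE *file; int resolution; };

static struct pcap_handle *open_pcap(const char *name, int free_on_error)
{
    struct pcap_handle *h = tracked_malloc(sizeof *h);
    h->file = fopen(name, "rb");
    if (!h->file) {
        if (free_on_error)
            tracked_free(h);           /* the cleanup the leaky path omits */
        return NULL;                   /* without it, h is unreachable here */
    }
    return h;
}

/* Fails to open a missing file; returns how many allocations were stranded. */
int leaks_on_failed_open(int free_on_error)
{
    int n = 0;
    struct pcap_handle *h = open_pcap("/nonexistent/@@", free_on_error);
    if (h) { fclose(h->file); tracked_free(h); }
    for (int i = 0; i < MAX_LIVE; i++)  /* count, then reclaim, leftovers */
        if (live[i]) { n++; free(live[i]); live[i] = NULL; }
    return n;
}

int main(void)
{
    printf("leaky: %d, fixed: %d\n", leaks_on_failed_open(0), leaks_on_failed_open(1));
    return 0;
}
```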

igsilya commented 10 months ago

Hi, @dddduge. Are you sure you're running OVS 2.17? The issue you described is supposed to have been fixed long ago in commit https://github.com/openvswitch/ovs/commit/3168f328c78cf6e4b3022940452673b0e49f7620.

risicle commented 10 months ago

FWIW CVE-2024-22563 has been assigned to this issue.

igsilya commented 10 months ago

@risicle what is the reason for requesting this CVE? The issue was fixed in 2021, and it doesn't affect users, since it was present in test-related code only. It is not reproducible with 2.17.8 or earlier versions of OVS 2.17.

FWIW, the process [1] for security-related issues is to send a report to security@openvswitch.org instead of reporting publicly on GitHub; the OVS security team can then assess the issue, decide if it is indeed a security issue, and request a CVE allocation for it.

[1] https://docs.openvswitch.org/en/latest/internals/security/

igsilya commented 10 months ago

Closing this issue, as it doesn't actually exist in any supported version of Open vSwitch. (And it doesn't exist in 2.17.8.)

risicle commented 10 months ago

I did not request the CVE, I'm merely telling you that there is a CVE pointing here. I have nothing else to do with it.

igsilya commented 10 months ago

@risicle Ack. Sorry, I assumed you were a requester. Thanks for the information.

Will try to get some clarification from a CNA.