search

pts / sam2p

raster (bitmap) image converter with smart PDF and PostScript (EPS) output
http://pts.50.hu/sam2p/
GNU General Public License v2.0
42 stars 16 forks source link

memory leak on fatal error #61

Closed puppet-meteor closed 6 years ago

puppet-meteor commented 6 years ago

There is memory leaks in rule.cpp:606 at sam2p 0.49.4. A crafted input will lead to denial of service attack.

Steps to Reproduce:

./sam2p crash-253 EPS: /dev/null

POC File: https://github.com/puppet-meteor/sam2p_POC/blob/master/crash-253

Information from addresssanitizer:

Available Loaders: PS PDF JAI PNG JPEG TIFF PNM BMP GIF LBM XPM PCX TGA.
Available Appliers: XWD Meta Empty BMP PNG TIFF6 TIFF6-JAI JPEG-JAI JPEG PNM GIF89a+LZW XPM PSL1C PSL23+PDF PSL2+PDF-JAI P-TrOpBb.
sam2p.asan: Error: BMP: Error reading BMP file header #3

=================================================================
==91935==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 14592 byte(s) in 1 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x440329 in Rule::buildProfile(long, unsigned char) /home/puppet/target/sam2p/rule.cpp:606
    #2 0x4093d2 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:1024
    #3 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #4 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x44ce7a in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #2 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #3 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #4 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 11648 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x435b89 in Mapping::DoubleHash15::DoubleHash15(unsigned long) /home/puppet/target/sam2p/mapping.cpp:297
    #2 0x448ab1 in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #3 0x43e5a7 in Rule::OutputRule::fromDict(long) /home/puppet/target/sam2p/rule.cpp:433
    #4 0x4403d9 in Rule::buildProfile(long, unsigned char) /home/puppet/target/sam2p/rule.cpp:618
    #5 0x4093d2 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:1024
    #6 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #7 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 11648 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x435b89 in Mapping::DoubleHash15::DoubleHash15(unsigned long) /home/puppet/target/sam2p/mapping.cpp:297
    #2 0x448ab1 in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #3 0x44ce85 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #4 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #5 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #6 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #7 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #8 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #9 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 11648 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x435b89 in Mapping::DoubleHash15::DoubleHash15(unsigned long) /home/puppet/target/sam2p/mapping.cpp:297
    #2 0x448ab1 in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #3 0x44ce85 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #4 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #5 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #6 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #7 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #8 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 6552 byte(s) in 336 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x4333ac in Mapping::DoubleHash::set(char const*, unsigned long, char const*) /home/puppet/target/sam2p/mapping.cpp:49
    #2 0x4491ea in MiniPS::Dict::push(char const*, unsigned long, long) /home/puppet/target/sam2p/minips.cpp:473
    #3 0x44cf96 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:906
    #4 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #5 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #6 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #7 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #8 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 5376 byte(s) in 224 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x44c5a3 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:840
    #2 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #3 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #4 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #5 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #6 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #7 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 4032 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x448a9e in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #2 0x43e5a7 in Rule::OutputRule::fromDict(long) /home/puppet/target/sam2p/rule.cpp:433
    #3 0x4403d9 in Rule::buildProfile(long, unsigned char) /home/puppet/target/sam2p/rule.cpp:618
    #4 0x4093d2 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:1024
    #5 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #6 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 4032 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x448a9e in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #2 0x44ce85 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #3 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #4 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #5 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #6 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #7 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 4032 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x448a9e in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #2 0x44ce85 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #3 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #4 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #5 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #6 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #7 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #8 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 1792 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x43e59c in Rule::OutputRule::fromDict(long) /home/puppet/target/sam2p/rule.cpp:433
    #2 0x4403d9 in Rule::buildProfile(long, unsigned char) /home/puppet/target/sam2p/rule.cpp:618
    #3 0x4093d2 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:1024
    #4 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #5 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 1792 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x44ce7a in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #2 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #3 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #4 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #5 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #6 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #7 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 1792 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x44ce7a in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #2 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #3 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #4 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #5 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #6 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 1410 byte(s) in 224 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x4478af in MiniPS::Sname::Sname(char const*, long) /home/puppet/target/sam2p/minips.cpp:340
    #2 0x44c5b9 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:840
    #3 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #4 0x44ce31 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #5 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #6 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #7 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #8 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 672 byte(s) in 56 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x4333ac in Mapping::DoubleHash::set(char const*, unsigned long, char const*) /home/puppet/target/sam2p/mapping.cpp:49
    #2 0x449682 in MiniPS::Dict::put(char const*, unsigned long, long) /home/puppet/target/sam2p/minips.cpp:488
    #3 0x448e4e in MiniPS::Dict::put(char const*, long) /home/puppet/target/sam2p/minips.cpp:458
    #4 0x43e5f9 in Rule::OutputRule::fromDict(long) /home/puppet/target/sam2p/rule.cpp:433
    #5 0x4403d9 in Rule::buildProfile(long, unsigned char) /home/puppet/target/sam2p/rule.cpp:618
    #6 0x4093d2 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:1024
    #7 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #8 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 512 byte(s) in 1 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x448808 in MiniPS::Array::extend(long) /home/puppet/target/sam2p/minips.cpp:423
    #2 0x4480ff in MiniPS::Array::push(long) /home/puppet/target/sam2p/minips.cpp:381
    #3 0x44ce65 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:884
    #4 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #5 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #6 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #7 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 208 byte(s) in 1 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x435b89 in Mapping::DoubleHash15::DoubleHash15(unsigned long) /home/puppet/target/sam2p/mapping.cpp:297
    #2 0x448ab1 in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #3 0x44ce85 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #4 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #5 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #6 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 89 byte(s) in 5 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x4333ac in Mapping::DoubleHash::set(char const*, unsigned long, char const*) /home/puppet/target/sam2p/mapping.cpp:49
    #2 0x4491ea in MiniPS::Dict::push(char const*, unsigned long, long) /home/puppet/target/sam2p/minips.cpp:473
    #3 0x44cf96 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:906
    #4 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #5 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #6 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 72 byte(s) in 3 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x44c000 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:821
    #2 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #3 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #4 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #5 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 72 byte(s) in 1 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x448a9e in MiniPS::Dict::Dict() /home/puppet/target/sam2p/minips.cpp:441
    #2 0x44ce85 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:888
    #3 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #4 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #5 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 34 byte(s) in 3 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x4475e7 in MiniPS::String::String(char const*, long) /home/puppet/target/sam2p/minips.cpp:324
    #2 0x44c016 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:821
    #3 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #4 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #5 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #6 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x7f39112ec532 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99532)
    #1 0x44ce0e in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:882
    #2 0x44cf26 in MiniPS::Parser::parse1(int, int) /home/puppet/target/sam2p/minips.cpp:898
    #3 0x409114 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:983
    #4 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #5 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Indirect leak of 18 byte(s) in 1 object(s) allocated from:
    #0 0x7f39112ec6b2 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x996b2)
    #1 0x4333ac in Mapping::DoubleHash::set(char const*, unsigned long, char const*) /home/puppet/target/sam2p/mapping.cpp:49
    #2 0x449682 in MiniPS::Dict::put(char const*, unsigned long, long) /home/puppet/target/sam2p/minips.cpp:488
    #3 0x448e4e in MiniPS::Dict::put(char const*, long) /home/puppet/target/sam2p/minips.cpp:458
    #4 0x409399 in run_sam2p_engine(Files::FILEW&, Files::FILEW&, char const* const*, unsigned char) /home/puppet/target/sam2p/sam2p_main.cpp:1019
    #5 0x40a6fe in main /home/puppet/target/sam2p/sam2p_main.cpp:1148
    #6 0x7f3910b2782f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 82087 byte(s) leaked in 1362 allocation(s).

found by puppet@zju.edu.cn from NESA Lab in Zhejiang University.

pts commented 6 years ago

Thank you for reporting this!

This memory leak happens after a fatal error (error message: : Error: BMP: Error reading BMP file header #3). There are many more like this, because sam2p doesn't have cleanup code when fatal errors are encountered, but it relies on the operating system to free the memory at process exit time (which is right after the fatal error gets reported).

Fixing this is not feasible, it would require several weeks of work with substantial refactoring of the entire sam2p codebase.

pts commented 6 years ago

As a workaround, 3864b16a512588ac8ec05a5331be53e13a74195b adds the use of _exit on fatal errors, so memory leaks on fatal errors won't be reported by AddressSanitizer.