
Memory leak in read_block
Closed, Resolved (Public)


This was found by oss-fuzz.

The bug can be reproduced by running:
gpg --import clusterfuzz-testcase-minimized-fuzz_import-5741152576208896.dms

Stack trace gives:

==1==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x4b1342 in malloc _asan_rtl_
    #1 0x76498a in do_malloc /src/libgcrypt-1.8.2/src/global.c:918:6
     #2 0x76484b in _gcry_malloc /src/libgcrypt-1.8.2/src/global.c:940:3
     #3 0x76512e in _gcry_xmalloc /src/libgcrypt-1.8.2/src/global.c:1114:17
    #4 0x5499ed in read_block /src/gnupg/g10/import.c:986:21
    #5 0x551f53 in import /src/gnupg/g10/import.c:592:17
    #6 0x54cf7f in import_keys_internal /src/gnupg/g10/import.c:493:21
    #7 0x54ccb7 in import_keys /src/gnupg/g10/import.c:533:3

This appeared a month ago, between commits bdda31a26bc69b6ee72e964510db113645de76ef and f799e9728bcadb3d4148a47848c78c5647860ea4, and is still valid at commit 64a5fd37271a3e454c0d59ac3500e1a1b232e4f7.
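The trace above reports a single 16-byte object allocated inside the packet-reading loop of read_block and never freed. The following is an added illustration of that class of defect, not GnuPG's read_block and not the actual fix: a hypothetical block reader that frees its per-packet buffer on the normal path but forgets it on the truncated-input path, beside the corrected variant. A counting malloc wrapper stands in for LeakSanitizer, and the packet format and input are constructed for this example.

```c
/* Hypothetical read_block-style loop (not GnuPG's code) showing a heap
 * object leaked on an early-exit path, and the corrected variant. */
#include <stdlib.h>
#include <string.h>
#include <stdint.h>

static int live_allocs;                 /* outstanding allocations (stands in for LSan) */

static void *track_malloc(size_t n) { live_allocs++; return malloc(n); }
static void  track_free(void *p)    { if (p) live_allocs--; free(p); }

/* Constructed format: each packet is a length byte followed by that many
 * bytes; a zero length ends the block.  A length that runs past the end
 * of the buffer is a truncated (malformed) packet and aborts the read. */
static int read_block_leaky(const uint8_t *buf, size_t len)
{
    size_t pos = 0;
    while (pos < len && buf[pos] != 0) {
        size_t plen = buf[pos];
        uint8_t *pkt = track_malloc(16);      /* like the 16-byte object in the trace */
        if (pos + 1 + plen > len)
            return -1;                        /* BUG: pkt is never freed on this path */
        memcpy(pkt, buf + pos + 1, plen < 16 ? plen : 16);
        pos += 1 + plen;
        track_free(pkt);                      /* only the normal path releases it */
    }
    return 0;
}

static int read_block_fixed(const uint8_t *buf, size_t len)
{
    size_t pos = 0;
    while (pos < len && buf[pos] != 0) {
        size_t plen = buf[pos];
        uint8_t *pkt = track_malloc(16);
        if (pos + 1 + plen > len) {
            track_free(pkt);                  /* release before bailing out */
            return -1;
        }
        memcpy(pkt, buf + pos + 1, plen < 16 ? plen : 16);
        pos += 1 + plen;
        track_free(pkt);
    }
    return 0;
}

/* Runs one reader over a constructed truncated block and returns how many
 * allocations are still outstanding afterwards (1 for leaky, 0 for fixed). */
static int leaked_after(int (*reader)(const uint8_t *, size_t))
{
    static const uint8_t truncated[] = { 2, 'a', 'b', 5, 'c' }; /* second packet cut off */
    live_allocs = 0;
    reader(truncated, sizeof truncated);
    return live_allocs;
}
```

Under a sanitizer build the same defect shows up as exactly the "Direct leak of 16 byte(s) in 1 object(s)" line in the report, because only the aborted iteration skips the free.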




Event Timeline

gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.

Thanks for your report. It was good that you added "enter no passphrase for Alfa Test Key". Then I saw the leak. (I had misunderstood it as if I needed the test environment.)
Anyway, I'm going to fix it now.

I think that the bug has been there. The commits of import.c revealed the problem with your particular input.

gniibe changed the task status from Open to Testing. Apr 17 2019, 3:02 AM