
Memory leak in read_block
Closed, ResolvedPublic

Description

This was found by oss-fuzz.

The bug can be reproduced by running:
gpg --import clusterfuzz-testcase-minimized-fuzz_import-5741152576208896.dms

Stack trace gives:

==1==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x4b1342 in malloc _asan_rtl_
    #1 0x76498a in do_malloc /src/libgcrypt-1.8.2/src/global.c:918:6
    #2 0x76484b in _gcry_malloc /src/libgcrypt-1.8.2/src/global.c:940:3
    #3 0x76512e in _gcry_xmalloc /src/libgcrypt-1.8.2/src/global.c:1114:17
    #4 0x5499ed in read_block /src/gnupg/g10/import.c:986:21
    #5 0x551f53 in import /src/gnupg/g10/import.c:592:17
    #6 0x54cf7f in import_keys_internal /src/gnupg/g10/import.c:493:21
    #7 0x54ccb7 in import_keys /src/gnupg/g10/import.c:533:3

This appeared a month ago, between commits bdda31a26bc69b6ee72e964510db113645de76ef and f799e9728bcadb3d4148a47848c78c5647860ea4, and is still valid at commit 64a5fd37271a3e454c0d59ac3500e1a1b232e4f7.
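The report above is a LeakSanitizer finding: an object allocated by read_block() via _gcry_xmalloc() was still reachable from nowhere when the process exited. The following is an added illustration, not code from GnuPG or from this task, of one common way such a leak arises and of the shape the fix usually takes: a buffer allocated on function entry is freed only on the success path, and a malformed input (here a truncated packet, standing in for the fuzzer's minimized testcase) takes an early return that skips the free. The packet format, the reader functions (read_block_leaky, read_block_fixed) and the tracked allocator that counts live objects the way LeakSanitizer does at exit are all hypothetical; nothing here claims to reproduce what import.c actually did.

```c
/* Added illustration, not GnuPG code: an error-path leak of the kind LeakSanitizer
 * reports, beside the corrected form.  Packet format and reader are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Tracked allocator standing in for LeakSanitizer's bookkeeping of live objects. */
#define MAX_LIVE 16
static void *live[MAX_LIVE];
static int nlive = 0;

static void *xmalloc_tracked(size_t n)
{
    void *p = malloc(n);
    if (!p || nlive == MAX_LIVE) abort();
    live[nlive++] = p;
    return p;
}

static void xfree_tracked(void *p)
{
    for (int i = 0; i < nlive; i++)
        if (live[i] == p) { live[i] = live[--nlive]; free(p); return; }
    abort();                /* double free, or a pointer we never handed out */
}

/* Frees everything still allocated and returns the count: LeakSanitizer's exit report. */
static int sweep_leaks(void)
{
    int n = nlive;
    while (nlive > 0) free(live[--nlive]);
    return n;
}

/* Hypothetical packet encoding: one length byte, then that many body bytes. */
struct packet { size_t len; unsigned char body[255]; };

/* 1 = packet read, 0 = clean end of input, -1 = truncated packet. */
static int parse_packet(const unsigned char *buf, size_t buflen, size_t *pos, struct packet *pkt)
{
    if (*pos >= buflen) return 0;
    size_t len = buf[*pos];
    if (*pos + 1 + len > buflen) return -1;
    pkt->len = len;
    memcpy(pkt->body, buf + *pos + 1, len);
    *pos += 1 + len;
    return 1;
}

/* Leaky reader: the packet allocated on entry is freed only on the success
 * path, so a truncated input leaks it. */
static int read_block_leaky(const unsigned char *buf, size_t buflen, int *npackets)
{
    struct packet *pkt = xmalloc_tracked(sizeof *pkt);
    size_t pos = 0;
    int rc;
    *npackets = 0;
    while ((rc = parse_packet(buf, buflen, &pos, pkt)) == 1)
        (*npackets)++;
    if (rc < 0) return -1;  /* early return without xfree_tracked(pkt) */
    xfree_tracked(pkt);
    return 0;
}

/* Fixed reader: a single exit path, so the allocation is released whatever
 * parse_packet() returned. */
static int read_block_fixed(const unsigned char *buf, size_t buflen, int *npackets)
{
    struct packet *pkt = xmalloc_tracked(sizeof *pkt);
    size_t pos = 0;
    int rc, ret;
    *npackets = 0;
    while ((rc = parse_packet(buf, buflen, &pos, pkt)) == 1)
        (*npackets)++;
    ret = rc < 0 ? -1 : 0;
    xfree_tracked(pkt);
    return ret;
}

/* Runs a reader over an input and reports how many objects it left live. */
static int leaks_from(int (*reader)(const unsigned char *, size_t, int *),
                      const unsigned char *buf, size_t buflen, int *rc, int *npackets)
{
    *rc = reader(buf, buflen, npackets);
    return sweep_leaks();
}

/* Constructed inputs: a well-formed two-packet block, and one whose second
 * packet claims more bytes than remain. */
static const unsigned char GOOD[] = { 2, 'a', 'b', 1, 'c' };
static const unsigned char TRUNCATED[] = { 2, 'a', 'b', 5, 'x', 'y' };

int main(void)
{
    int rc, n, leaked = leaks_from(read_block_leaky, TRUNCATED, sizeof TRUNCATED, &rc, &n);
    printf("leaky reader, truncated input: rc=%d packets=%d leaked=%d\n", rc, n, leaked);
    leaked = leaks_from(read_block_fixed, TRUNCATED, sizeof TRUNCATED, &rc, &n);
    printf("fixed reader, truncated input: rc=%d packets=%d leaked=%d\n", rc, n, leaked);
    return 0;
}
```

The point of the tracked allocator is that the leak is invisible on well-formed input: both readers leave nothing live on GOOD, and only the malformed TRUNCATED input exposes the difference, which is exactly why a fuzzer-minimized testcase is the right reproducer and why the report's fix-the-error-path shape matters more than the happy path.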

Details

Version
64a5fd37271a3e454c0d59ac3500e1a1b232e4f7

Revisions and Commits

Event Timeline

gniibe triaged this task as Normal priority.
gniibe added a subscriber: gniibe.

Thanks for your report. It was good that you added "enter no passphrase for Alfa Test Key". Then I saw the leak. (I had misunderstood it as if I needed the test environment.)
Anyway, I'm going to fix it now.

I think that the bug has been there. The commits of import.c revealed the problem with your particular input.

gniibe changed the task status from Open to Testing. Apr 17 2019, 3:02 AM