Bug #2074: detect msg: memory leak - Suricata - Open Information Security Foundation

Actions

Copy link

#1

Updated by Andreas Herz over 7 years ago

Assignee set to OISF Dev
Target version set to TBD

Actions

Copy link

#2

Updated by Victor Julien over 7 years ago

Status changed from New to Assigned
Assignee changed from OISF Dev to Andreas Herz
Target version changed from TBD to 70

Actions

Copy link

#3

Updated by Andreas Herz over 7 years ago

Could you tell me what compile options you used and what version of gcc?

I also saw that https://github.com/inliniac/suricata/commit/342059835fe7ec0079ac91a152a0abab516b184f commit so will try runs with that and without it.

Actions

Copy link

#4

Updated by Victor Julien over 7 years ago

alert tcp any any -> any any (msg:"1"; msg:"2"; sid:1;)

LSAN_OPTIONS=suppressions=qa/lsan.suppress ASAN_OPTIONS="detect_leaks=1 symbolize=1 external_symbolizer_path=/usr/lib/llvm-3.8/bin/llvm-symbolizer" ./src/suricata -l tmp/ -S msg.rules  -T
[23108] 5/5/2017 -- 13:27:49 - (suricata.c:1842) <Info> (ParseCommandLine) -- Running suricata under test mode
[23108] 5/5/2017 -- 13:27:49 - (suricata.c:1100) <Notice> (LogVersion) -- This is Suricata version 4.0dev (rev 2620757)
[23108] 5/5/2017 -- 13:27:49 - (util-file.c:166) <Warning> (FileForceHashParseCfg) -- [ERRCODE: SC_ERR_DEPRECATED_CONF(274)] - deprecated 'force-md5' option found. Please use 'force-hash: [md5]' instead
[23108] 5/5/2017 -- 13:27:49 - (suricata.c:2841) <Notice> (main) -- Configuration provided was successfully loaded. Exiting.

=================================================================
==23108==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4599c0 in __interceptor_strdup (/home/victor/sync/devel/eidps/src/suricata+0x4599c0)
    #1 0x133b58d in DetectMsgSetup /home/victor/sync/devel/eidps/src/detect-msg.c:106:14
    #2 0x134a639 in SigParseOptions /home/victor/sync/devel/eidps/src/detect-parse.c:764:13
    #3 0x13472cf in SigParse /home/victor/sync/devel/eidps/src/detect-parse.c:1095:19
    #4 0x13507cf in SigInitHelper /home/victor/sync/devel/eidps/src/detect-parse.c:1635:9
    #5 0x134fe70 in SigInit /home/victor/sync/devel/eidps/src/detect-parse.c:1729:16
    #6 0x1351ece in DetectEngineAppendSig /home/victor/sync/devel/eidps/src/detect-parse.c:1996:22
    #7 0xbe5b36 in DetectLoadSigFile /home/victor/sync/devel/eidps/src/detect.c:352:15
    #8 0xb4f137 in ProcessSigFiles /home/victor/sync/devel/eidps/src/detect.c:417:13
    #9 0xb4d412 in SigLoadSignatures /home/victor/sync/devel/eidps/src/detect.c:496:15
    #10 0x199c002 in LoadSignatures /home/victor/sync/devel/eidps/src/suricata.c:2391:9
    #11 0x1992802 in PostConfLoadedDetectSetup /home/victor/sync/devel/eidps/src/suricata.c:2522:17
    #12 0x197b8a9 in main /home/victor/sync/devel/eidps/src/suricata.c:2835:5
    #13 0x7fa8b067682f in __libc_start_main /build/glibc-9tT8Do/glibc-2.23/csu/../csu/libc-start.c:291

SUMMARY: AddressSanitizer: 2 byte(s) leaked in 1 allocation(s).

Actions

Copy link

#5