#4536 closed defect (fixed)
Leak in WKB collection parser
Reported by: | komzpa | Owned by: | pramsey |
---|---|---|---|
Priority: | medium | Milestone: | PostGIS 3.0.1 |
Component: | postgis | Version: | 2.5.x -- EOL |
Keywords: | Cc: |
Description
https://oss-fuzz.com/testcase-detail/5727346518130688
```
=================================================================
==1==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 121472 byte(s) in 3796 object(s) allocated from:
    #0 0x49692d in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x6064be in lwcollection_construct_empty /src/postgis/liblwgeom/lwcollection.c:101:8
    #2 0x611bf2 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:639:22
    #3 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #4 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #5 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #6 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #7 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #8 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #9 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #10 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #11 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #12 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #13 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #14 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #15 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #16 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #17 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #18 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #19 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #20 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #21 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #22 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #23 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #24 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #25 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #26 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #27 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #28 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #29 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10

================================================================================
The following leaks are not necessarily related to the first leak.

Direct leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x49692d in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x6064be in lwcollection_construct_empty /src/postgis/liblwgeom/lwcollection.c:101:8
    #2 0x611bf2 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:639:22
    #3 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #4 0x611eda in lwgeom_from_wkb /src/postgis/liblwgeom/lwin_wkb.c:783:9
    #5 0x4c9d2d in LLVMFuzzerTestOneInput /src/postgis/fuzzers/wkb_import_fuzzer.cpp:116:22
    #6 0x51a546 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #7 0x4cb08f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:292:6
    #8 0x4d8cf2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:774:9
    #9 0x4ca6d7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #10 0x7f04a770382f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/libc-start.c:291

Direct leak of 32 byte(s) in 1 object(s) allocated from:
    #0 0x49692d in malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x6064be in lwcollection_construct_empty /src/postgis/liblwgeom/lwcollection.c:101:8
    #2 0x611bf2 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:639:22
    #3 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #4 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #5 0x611c77 in lwcollection_from_wkb_state /src/postgis/liblwgeom/lwin_wkb.c:655:10
    #6 0x611eda in lwgeom_from_wkb /src/postgis/liblwgeom/lwin_wkb.c:783:9
    #7 0x4c9d2d in LLVMFuzzerTestOneInput /src/postgis/fuzzers/wkb_import_fuzzer.cpp:116:22
    #8 0x51a546 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:556:15
    #9 0x4cb08f in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:292:6
    #10 0x4d8cf2 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:774:9
    #11 0x4ca6d7 in main /src/libfuzzer/FuzzerMain.cpp:19:10
    #12 0x7f04a770382f in __libc_start_main /build/glibc-LK5gWL/glibc-2.23/csu/libc-start.c:291
```

..... many more lines ...
Attachments (1)
Change History (6)
by , 5 years ago
Attachment: | clusterfuzz-testcase-minimized-wkb_import_fuzzer-5727346518130688 added |
---|
comment:1 by , 5 years ago
PR: https://github.com/postgis/postgis/pull/493