mir/lxc
2
0
Fork 0
mirror of git://github.com/lxc/lxc synced 2025-08-30 22:49:34 +00:00
Code Issues Releases Wiki Activity

confile: fix a memory leak in set_config_net_hwaddr

Browse Source 
It was found by ClusterFuzz in https://oss-fuzz.com/testcase-detail/4747480244813824
but hasn't been reported on Monorail
(https://bugs.chromium.org/p/oss-fuzz/) yet

```
$ cat minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e
lxc.net.0.hwaddr=0
lxc.net.0.hwaddr=4

./out/fuzz-lxc-config-read minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e
INFO: Seed: 1473396311
INFO: Loaded 1 modules   (18821 inline 8-bit counters): 18821 [0x885fa0, 0x88a925),
INFO: Loaded 1 PC tables (18821 PCs): 18821 [0x88a928,0x8d4178),
./out/fuzz-lxc-config-read: Running 1 inputs 1 time(s) each.
Running: minimized-from-1a18983c13ce64e8a3bd0f699a97d25beb21481e

=================================================================
==226185==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 2 byte(s) in 1 object(s) allocated from:
    #0 0x4d25d7 in strdup (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x4d25d7)
    #1 0x58e48f in set_config_net_hwaddr /home/vagrant/lxc/src/lxc/confile.c:654:14
    #2 0x59af3b in set_config_net_nic /home/vagrant/lxc/src/lxc/confile.c:5276:9
    #3 0x571c29 in parse_line /home/vagrant/lxc/src/lxc/confile.c:2958:9
    #4 0x61b0b2 in lxc_file_for_each_line_mmap /home/vagrant/lxc/src/lxc/parse.c:125:9
    #5 0x5710ed in lxc_config_read /home/vagrant/lxc/src/lxc/confile.c:3035:9
    #6 0x542cd6 in LLVMFuzzerTestOneInput /home/vagrant/lxc/src/tests/fuzz-lxc-config-read.c:23:2
    #7 0x449e8c in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x449e8c)
    #8 0x42bbad in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x42bbad)
    #9 0x432c50 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x432c50)
    #10 0x423136 in main (/home/vagrant/lxc/out/fuzz-lxc-config-read+0x423136)
    #11 0x7f2cbb992081 in __libc_start_main (/lib64/libc.so.6+0x27081)

SUMMARY: AddressSanitizer: 2 byte(s) leaked in 1 allocation(s).
```

Signed-off-by: Evgeny Vereshchagin <evvers@ya.ru>
This commit is contained in:
Evgeny Vereshchagin
2021-03-27 10:58:29 +00:00
committed by Christian Brauner
parent 299ddd1663
commit f6848c5fbc
1 changed files with 2 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
src/lxc/confile.c
View File

@@ -657,9 +657,8 @@ static int set_config_net_hwaddr(const char *key, const char *value,
rand_complete_hwaddr(new_value);
if (lxc_config_value_empty(new_value))
free_disarm(netdev->hwaddr);
else
free_disarm(netdev->hwaddr);
if (!lxc_config_value_empty(new_value))
netdev->hwaddr = move_ptr(new_value);
return 0;