[gnutls-devel] GnuTLS | memleak in wrap_nettle_mpi_init (#1328)
Read-only notification of GnuTLS library development activities
gnutls-devel at lists.gnutls.org
Mon Feb 28 16:01:19 CET 2022
tongxiaoge1001 created an issue: https://gitlab.com/gnutls/gnutls/-/issues/1328
## Description of problem:
`==3981579==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x7606ad in wrap_nettle_mpi_init /src/gnutls/lib/nettle/mpi.c:79:6
#2 0x7611de in wrap_nettle_mpi_copy /src/gnutls/lib/nettle/mpi.c:189:8
#3 0x77a005 in set_dh_pk_params /src/gnutls/lib/dh.c:58:53
#4 0x7790c7 in _gnutls_figure_dh_params /src/gnutls/lib/dh.c:178:8
#5 0x7bff56 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:107:6
#6 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#7 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#8 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#9 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#10 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#11 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#12 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#13 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#14 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--wrap_nettle_mpi_init--wrap_nettle_mpi_copy
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x7606ad in wrap_nettle_mpi_init /src/gnutls/lib/nettle/mpi.c:79:6
#2 0x7611de in wrap_nettle_mpi_copy /src/gnutls/lib/nettle/mpi.c:189:8
#3 0x779fac in set_dh_pk_params /src/gnutls/lib/dh.c:51:52
#4 0x7790c7 in _gnutls_figure_dh_params /src/gnutls/lib/dh.c:178:8
#5 0x7bff56 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:107:6
#6 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#7 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#8 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#9 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#10 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#11 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#12 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#13 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#14 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--wrap_nettle_mpi_init--wrap_nettle_mpi_copy
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x7606ad in wrap_nettle_mpi_init /src/gnutls/lib/nettle/mpi.c:79:6
#2 0x76088f in wrap_nettle_mpi_init_multi /src/gnutls/lib/nettle/mpi.c:98:8
#3 0x76b5b1 in wrap_nettle_pk_generate_keys /src/gnutls/lib/nettle/pk.c:2242:10
#4 0x739439 in _gnutls_dh_common_print_server_kx /src/gnutls/lib/auth/dh_common.c:340:6
#5 0x7bff94 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:115:6
#6 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#7 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#8 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#9 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#10 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#11 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#12 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#13 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#14 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--wrap_nettle_mpi_init--wrap_nettle_mpi_init_multi
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x7606ad in wrap_nettle_mpi_init /src/gnutls/lib/nettle/mpi.c:79:6
#2 0x7611de in wrap_nettle_mpi_copy /src/gnutls/lib/nettle/mpi.c:189:8
#3 0x779f5a in set_dh_pk_params /src/gnutls/lib/dh.c:47:52
#4 0x7790c7 in _gnutls_figure_dh_params /src/gnutls/lib/dh.c:178:8
#5 0x7bff56 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:107:6
#6 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#7 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#8 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#9 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#10 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#11 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#12 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#13 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#14 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--wrap_nettle_mpi_init--wrap_nettle_mpi_copy
Direct leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x7606ad in wrap_nettle_mpi_init /src/gnutls/lib/nettle/mpi.c:79:6
#2 0x7609ba in wrap_nettle_mpi_init_multi /src/gnutls/lib/nettle/mpi.c:109:10
#3 0x76b5b1 in wrap_nettle_pk_generate_keys /src/gnutls/lib/nettle/pk.c:2242:10
#4 0x739439 in _gnutls_dh_common_print_server_kx /src/gnutls/lib/auth/dh_common.c:340:6
#5 0x7bff94 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:115:6
#6 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#7 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#8 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#9 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#10 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#11 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#12 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#13 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#14 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--wrap_nettle_mpi_init--wrap_nettle_mpi_init_multi
Indirect leak of 384 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x8ce708 in __gmp_default_allocate /src/gmp/memory.c:53:9
#2 0x892088 in __gmpz_realloc /src/gmp/mpz/realloc.c:63:12
#3 0x8929d8 in __gmpz_set /src/gmp/mpz/set.c:43:8
#4 0x761216 in wrap_nettle_mpi_copy /src/gnutls/lib/nettle/mpi.c:193:2
#5 0x779fac in set_dh_pk_params /src/gnutls/lib/dh.c:51:52
#6 0x7790c7 in _gnutls_figure_dh_params /src/gnutls/lib/dh.c:178:8
#7 0x7bff56 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:107:6
#8 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#9 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#10 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#11 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#12 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#13 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#14 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#15 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#16 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--__gmp_default_allocate--__gmpz_realloc
Indirect leak of 384 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x8ce708 in __gmp_default_allocate /src/gmp/memory.c:53:9
#2 0x892088 in __gmpz_realloc /src/gmp/mpz/realloc.c:63:12
#3 0x8929d8 in __gmpz_set /src/gmp/mpz/set.c:43:8
#4 0x76b616 in wrap_nettle_pk_generate_keys /src/gnutls/lib/nettle/pk.c:2249:4
#5 0x739439 in _gnutls_dh_common_print_server_kx /src/gnutls/lib/auth/dh_common.c:340:6
#6 0x7bff94 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:115:6
#7 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#8 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#9 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#10 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#11 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#12 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#13 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#14 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#15 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--__gmp_default_allocate--__gmpz_realloc
Indirect leak of 384 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x8ce708 in __gmp_default_allocate /src/gmp/memory.c:53:9
#2 0x892088 in __gmpz_realloc /src/gmp/mpz/realloc.c:63:12
#3 0x8929d8 in __gmpz_set /src/gmp/mpz/set.c:43:8
#4 0x76b5f1 in wrap_nettle_pk_generate_keys /src/gnutls/lib/nettle/pk.c:2248:4
#5 0x739439 in _gnutls_dh_common_print_server_kx /src/gnutls/lib/auth/dh_common.c:340:6
#6 0x7bff94 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:115:6
#7 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#8 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#9 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#10 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#11 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#12 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#13 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#14 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#15 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--__gmp_default_allocate--__gmpz_realloc
Indirect leak of 384 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x8ce708 in __gmp_default_allocate /src/gmp/memory.c:53:9
#2 0x892088 in __gmpz_realloc /src/gmp/mpz/realloc.c:63:12
#3 0x8929d8 in __gmpz_set /src/gmp/mpz/set.c:43:8
#4 0x761216 in wrap_nettle_mpi_copy /src/gnutls/lib/nettle/mpi.c:193:2
#5 0x77a005 in set_dh_pk_params /src/gnutls/lib/dh.c:58:53
#6 0x7790c7 in _gnutls_figure_dh_params /src/gnutls/lib/dh.c:178:8
#7 0x7bff56 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:107:6
#8 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#9 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#10 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#11 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#12 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#13 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#14 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#15 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#16 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)
DEDUP_TOKEN: malloc--__gmp_default_allocate--__gmpz_realloc
Indirect leak of 8 byte(s) in 1 object(s) allocated from:
#0 0x52284d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
#1 0x8ce708 in __gmp_default_allocate /src/gmp/memory.c:53:9
#2 0x892088 in __gmpz_realloc /src/gmp/mpz/realloc.c:63:12
#3 0x8929d8 in __gmpz_set /src/gmp/mpz/set.c:43:8
#4 0x761216 in wrap_nettle_mpi_copy /src/gnutls/lib/nettle/mpi.c:193:2
#5 0x779f5a in set_dh_pk_params /src/gnutls/lib/dh.c:47:52
#6 0x7790c7 in _gnutls_figure_dh_params /src/gnutls/lib/dh.c:178:8
#7 0x7bff56 in gen_dhe_server_kx /src/gnutls/lib/auth/dhe.c:107:6
#8 0x59d6f6 in _gnutls_send_server_kx_message /src/gnutls/lib/kx.c:289:7
#9 0x590450 in handshake_server /src/gnutls/lib/handshake.c:3450:8
#10 0x58aa34 in gnutls_handshake /src/gnutls/lib/handshake.c:2773:9
#11 0x555cc7 in LLVMFuzzerTestOneInput /src/gnutls/fuzz/gnutls_server_rawpk_fuzzer.c:90:9
#12 0x45bb23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:599:15
#13 0x447292 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:323:6
#14 0x44cf36 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:856:9
#15 0x476442 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10
#16 0x7f65d4b05b26 in __libc_start_main (/lib64/libc.so.6+0x25b26)`
## Version of gnutls used:
3.6.14
## Distributor of gnutls (e.g., Ubuntu, Fedora, RHEL)
openEuler
## Actual results:
Error occurred[fusiontest-testcase-gnutls_server_rawpk_fuzzer-202111260001](/uploads/f6d02efe56623be93296ae4971dc5a49/fusiontest-testcase-gnutls_server_rawpk_fuzzer-202111260001)
## Expected results:
No Error
--
Reply to this email directly or view it on GitLab: https://gitlab.com/gnutls/gnutls/-/issues/1328
You're receiving this email because of your account on gitlab.com.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.gnupg.org/pipermail/gnutls-devel/attachments/20220228/c11d1579/attachment-0001.html>
More information about the Gnutls-devel
mailing list