From 19b30f1c596a8df2a522f9d6dfc1c1782790fc78 Mon Sep 17 00:00:00 2001 From: Bernd Edlinger Date: Wed, 13 Oct 2021 06:37:46 +0200 Subject: Fix another memory leak reported in CIFuzz Direct leak of 2 byte(s) in 1 object(s) allocated from: #0 0x4a067d in __interceptor_malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:129:3 #1 0x57acd9 in CRYPTO_malloc /src/openssl/crypto/mem.c:184:12 #2 0x57e106 in CRYPTO_strdup /src/openssl/crypto/o_str.c:24:11 #3 0x5c139f in def_load_bio /src/openssl/crypto/conf/conf_def.c:427:45 #4 0x56adf5 in NCONF_load_bio /src/openssl/crypto/conf/conf_lib.c:282:12 #5 0x4d96cf in FuzzerTestOneInput /src/openssl/fuzz/conf.c:38:5 #6 0x4d9830 in LLVMFuzzerTestOneInput /src/openssl/fuzz/driver.c:28:12 #7 0x510c23 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) cxa_noexception.cpp #8 0x4fc4d2 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:324:6 #9 0x501f85 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) cxa_noexception.cpp #10 0x52ac82 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:20:10 #11 0x7f15336bf0b2 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x270b2) Reviewed-by: Tomas Mraz (Merged from https://github.com/openssl/openssl/pull/16813) --- crypto/conf/conf_def.c | 1 + 1 file changed, 1 insertion(+) (limited to 'crypto/conf/conf_def.c') diff --git a/crypto/conf/conf_def.c b/crypto/conf/conf_def.c index 1832cf535f..c05c3c6b10 100644 --- a/crypto/conf/conf_def.c +++ b/crypto/conf/conf_def.c @@ -424,6 +424,7 @@ static int def_load_bio(CONF *conf, BIO *in, long *line) if (!parsebool(pval, &conf->flag_abspath)) goto err; } else if (strcmp(p, "includedir") == 0) { + OPENSSL_free(conf->includedir); if ((conf->includedir = OPENSSL_strdup(pval)) == NULL) { ERR_raise(ERR_LIB_CONF, ERR_R_MALLOC_FAILURE); goto err; -- cgit v1.2.3