[Wireshark-bugs] [Bug 15442] New: dfilter: Memory leak on error with certain display filter function

[bugzilla-daemon]

https://bugs.wireshark.org/bugzilla/show_bug.cgi?id=15442

            Bug ID: 15442
           Summary: dfilter: Memory leak on error with certain display
                    filter function
           Product: Wireshark
           Version: Git
          Hardware: All
                OS: All
            Status: CONFIRMED
          Severity: Normal
          Priority: Low
         Component: Dissection engine (libwireshark)
          Assignee: bugzilla-ad...@wireshark.org
          Reporter: pe...@lekensteyn.nl
  Target Milestone: ---

Build Information:
TShark (Wireshark) 2.9.1 (v2.9.1rc0-516-ga946eb31)

Copyright 1998-2019 Gerald Combs <ger...@wireshark.org> and contributors.
License GPLv2+: GNU GPL version 2 or later
<http://www.gnu.org/licenses/old-licenses/gpl-2.0.html>
This is free software; see the source for copying conditions. There is NO
warranty; not even for MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

Compiled (64-bit) with libpcap, with POSIX capabilities (Linux), with libnl 3,
with GLib 2.58.2, with zlib 1.2.11, without SMI, with c-ares 1.15.0, with Lua
5.2.4, with GnuTLS 3.6.5 and PKCS #11 support, with Gcrypt 1.8.4, with MIT
Kerberos, with MaxMind DB resolver, with nghttp2 1.35.1, with LZ4, with Snappy,
with libxml2 2.9.8.

Running on Linux 4.19.12-arch1-1-ARCH, with Intel(R) Core(TM) i7-6700HQ CPU @
2.60GHz (with SSE4.2), with 31984 MB of physical memory, with locale
en_GB.UTF-8, with libpcap version 1.9.0-PRE-GIT (with TPACKET_V3), with GnuTLS
3.6.5, with Gcrypt 1.8.4, with zlib 1.2.11, binary plugins supported (0
loaded).

Built using clang 4.2.1 Compatible Clang 7.0.1 (tags/RELEASE_701/final).

--
At least the following filters result in a memleak:

 string(123) == "123"
 string(123) == 123
 lower(123) == 123
 len(dummy) == 123

ASAN_OPTIONS=fast_unwind_on_malloc=0 G_SLICE=always-malloc HOME=/dummy \
run/dftest 'string(123) == "123"'

dftest: To string conversion for this field is not supported

=================================================================
==2577==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 40 byte(s) in 1 object(s) allocated from:
    #0 0x55f8ae9340e9 in malloc (run/dftest+0xf40e9)
    #1 0x7f96878be8d1 in g_malloc glib/gmem.c:99:13
    #2 0x7f968789f094 in g_slice_alloc glib/gslice.c:1024:11
    #3 0x7f9695968bb9 in fvalue_new epan/ftypes/ftypes.c:261:7
    #4 0x7f96959690d0 in fvalue_from_unparsed epan/ftypes/ftypes.c:294:7
    #5 0x7f9691ab2de6 in dfilter_fvalue_from_unparsed
epan/dfilter/semcheck.c:150:9
    #6 0x7f9691ab6690 in check_param_entity epan/dfilter/semcheck.c:1195:12
    #7 0x7f9691ab574c in check_function epan/dfilter/semcheck.c:596:18
    #8 0x7f9691ab19b6 in check_relation_LHS_FUNCTION
epan/dfilter/semcheck.c:1226:2
    #9 0x7f9691aadb8f in check_relation epan/dfilter/semcheck.c:1385:4
    #10 0x7f9691aacf16 in check_test epan/dfilter/semcheck.c:1449:4
    #11 0x7f9691aac39e in semcheck epan/dfilter/semcheck.c:1500:4
    #12 0x7f9691aabeca in dfw_semcheck epan/dfilter/semcheck.c:1524:3
    #13 0x7f9691a82fea in dfilter_compile epan/dfilter/dfilter.c:333:8
    #14 0x55f8ae9719a7 in main dftest.c:106:7
    #15 0x7f96874ee222 in __libc_start_main (/usr/lib/libc.so.6+0x24222)
    #16 0x55f8ae860f8d in _start (run/dftest+0x20f8d)

Indirect leak of 4 byte(s) in 1 object(s) allocated from:
    #0 0x55f8ae9340e9 in malloc (run/dftest+0xf40e9)
    #1 0x7f96878be8d1 in g_malloc glib/gmem.c:99:13
    #2 0x7f968789b8a0 in g_strdup glib/gstrfuncs.c:363:17
    #3 0x7f96959b1eb5 in val_from_string epan/ftypes/ftype-string.c:84:21
    #4 0x7f96959b1e6d in val_from_unparsed epan/ftypes/ftype-string.c:112:10
    #5 0x7f9695969364 in fvalue_from_unparsed epan/ftypes/ftypes.c:296:7
    #6 0x7f9691ab2de6 in dfilter_fvalue_from_unparsed
epan/dfilter/semcheck.c:150:9
    #7 0x7f9691ab6690 in check_param_entity epan/dfilter/semcheck.c:1195:12
    #8 0x7f9691ab574c in check_function epan/dfilter/semcheck.c:596:18
    #9 0x7f9691ab19b6 in check_relation_LHS_FUNCTION
epan/dfilter/semcheck.c:1226:2
    #10 0x7f9691aadb8f in check_relation epan/dfilter/semcheck.c:1385:4
    #11 0x7f9691aacf16 in check_test epan/dfilter/semcheck.c:1449:4
    #12 0x7f9691aac39e in semcheck epan/dfilter/semcheck.c:1500:4
    #13 0x7f9691aabeca in dfw_semcheck epan/dfilter/semcheck.c:1524:3
    #14 0x7f9691a82fea in dfilter_compile epan/dfilter/dfilter.c:333:8
    #15 0x55f8ae9719a7 in main dftest.c:106:7
    #16 0x7f96874ee222 in __libc_start_main (/usr/lib/libc.so.6+0x24222)
    #17 0x55f8ae860f8d in _start (run/dftest+0x20f8d)

SUMMARY: AddressSanitizer: 44 byte(s) leaked in 2 allocation(s).

-- 
You are receiving this mail because:
You are watching all bug changes.
___________________________________________________________________________
Sent via:    Wireshark-bugs mailing list <wireshark-bugs@wireshark.org>
Archives:    https://www.wireshark.org/lists/wireshark-bugs
Unsubscribe: https://www.wireshark.org/mailman/options/wireshark-bugs
             mailto:wireshark-bugs-requ...@wireshark.org?subject=unsubscribe