Fix minor memory leak #1489
The memory allocated for certs_directory in the ClamAV engine is not free'd when the engine is free'd. This isn't readily apparent when using a mempool because the mempool itself is free'd and the issue is masked. Also: I found that the location in `cl_engine_free()` where we estimate the number of tasks incorrectly placed the fuzzy_hashmap free task in the block where we free the `test_root`, rather than up in the `engine->root` for-loop. Fixed.
| struct icon_matcher { | ||
| char **group_names[2]; | ||
| unsigned int group_counts[2]; | ||
| uint32_t group_counts[2]; |
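Review bot: the switch from `unsigned int` to `uint32_t` for `group_counts` in `struct icon_matcher` is width-neutral on the usual data models but changes the portable printf conversion, so any format string that prints these fields with `%u` should use `PRIu32` from `<inttypes.h>` instead; the hunk shows only the struct, so the call sites that read `group_counts` need a follow-up check.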
I'm just curious as to why the change from unsigned int, which is almost always 32-bits, to uint32_t was made. Should I make similar changes when I edit older code?
The lengths of older C types, such as char, short, int, long, vary by OS and arch. int is more reliably 32-bits than long, but both may vary by OS and architecture: https://en.wikipedia.org/wiki/64-bit_computing#64-bit_data_models
I habitually switch unsigned, int, and long types to stdint.h types like uint32_t and uint64_t. For data, uint8_t is better than unsigned char. For strings, char is fine. int8_t might technically be better to represent data underlying utf8. utf8 is hard in C, and ClamAV code generally does a bad job with it.
Weirdly enough, off_t is also poorly defined. It's still everywhere and ought to be replaced with ssize_t if negative values need to be supported, or size_t otherwise. Most clamav offsets are relative to the start of the file so negative is almost never required. Disclaimer: I've introduced bugs by converting types like this from signed to unsigned, so you have to be really careful when doing that.
On that topic, sentinel values for indicating an error are a code smell. Ideally we'd never use them and would always return an error code (e.g. using cl_error_t) and then pass the values back through function parameters. It's just considerable effort to rewrite to do it that way with existing code, and there is risk we'd introduce a bug by switching.
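The two points in the reply above, fixed-width types versus `int`/`long`, and error codes with out-parameters versus sentinel return values, side by side in a small C program. This is an added illustration, not code from the pull request or from ClamAV; the `ex_error_t` enum, the `find_byte_*` functions and the sample bytes are constructed for the example, and `ex_error_t` only stands in for the spirit of `cl_error_t`.

```c
#include <limits.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed status enum in the spirit of cl_error_t (names assumed, not ClamAV's). */
typedef enum { EX_SUCCESS = 0, EX_ENULLARG, EX_ENOTFOUND } ex_error_t;

/* Fixed-width types are the same everywhere; `long` is 32 bits on LLP64
 * (Windows) and 64 bits on LP64 (Linux, macOS). */
unsigned uint32_width_bits(void) { return (unsigned)(sizeof(uint32_t) * CHAR_BIT); }
unsigned long_width_bits(void)   { return (unsigned)(sizeof(long) * CHAR_BIT); }

/* Sentinel style: -1 means "error or not found", so the return type must be
 * signed even though a valid offset never is, and every caller has to
 * remember the magic value. */
long find_byte_sentinel(const uint8_t *buf, size_t len, uint8_t needle)
{
    if (buf == NULL) return -1;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] == needle) return (long)i;
    }
    return -1;
}

/* Error-code style: status in the return value, result through an out
 * parameter, so the offset can be an unsigned size_t with no reserved value. */
ex_error_t find_byte_status(const uint8_t *buf, size_t len, uint8_t needle, size_t *offset_out)
{
    if (buf == NULL || offset_out == NULL) return EX_ENULLARG;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] == needle) { *offset_out = i; return EX_SUCCESS; }
    }
    return EX_ENOTFOUND;
}

/* The conversion hazard the reply warns about: store a sentinel-style result
 * in the "more correct" unsigned type and -1 silently becomes SIZE_MAX, a
 * value that looks like an (enormous) valid offset. Returns 1 when that happens. */
int sentinel_lost_in_unsigned_conversion(void)
{
    size_t off = (size_t)find_byte_sentinel(NULL, 0, 'x');
    return off == SIZE_MAX;
}

/* Same lookup via the status API: the failure is reported explicitly and the
 * out parameter is never consumed as an offset. Returns the status code. */
ex_error_t status_reports_null_buffer(void)
{
    size_t off = 0;
    return find_byte_status(NULL, 0, 'x', &off);
}

int main(void)
{
    const uint8_t sample[] = "MZ\x90"; /* constructed input bytes */
    size_t off = 0;
    printf("long is %u bits, uint32_t is %u bits\n", long_width_bits(), uint32_width_bits());
    printf("sentinel: offset of 'Z' = %ld\n", find_byte_sentinel(sample, 3, 'Z'));
    if (find_byte_status(sample, 3, 'Z', &off) == EX_SUCCESS)
        printf("status: offset of 'Z' = %zu\n", off);
    printf("sentinel lost in unsigned conversion: %d\n", sentinel_lost_in_unsigned_conversion());
    return 0;
}
```

The status-returning form is what makes a signed-to-unsigned type change safe: once no offset is reserved as an error marker, switching the offset type to `size_t` cannot turn a failure into a plausible-looking index.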
The logic for loading an icon matcher assumes that only one .idb file is loaded. If a second is loaded, the first is forgotten (memory leak). This commit checks to see if `engine->iconcheck` is already allocated and if so it will use that instead of allocating a new one. I also cleaned up the error handling in this function, using goto-done error handling. I added proper cleanup for freeing the matcher in case of an idb signature load error, copied from `cl_engine_free()`.
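A compact model of the fix described in that commit message, written for this page rather than taken from ClamAV: the loader reuses an already-allocated `engine->iconcheck` instead of overwriting it, unwinds through a `done:` label on error, and only frees the matcher when the failing call was the one that created it. The `struct icon_matcher` fields follow the diff above; `struct engine`, the `"<group>,<name>"` line format, the `ex_error_t` codes and the allocation counter are constructed for the example.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed model (field layout and helper names assumed, not ClamAV's). */
struct icon_matcher {
    char **group_names[2];
    uint32_t group_counts[2];
};

struct engine {
    struct icon_matcher *iconcheck;
    char *certs_directory;
};

typedef enum { EX_SUCCESS = 0, EX_EMEM, EX_EFORMAT } ex_error_t;

/* Plain-malloc allocation counter so a leak is visible without a mempool
 * hiding it (the point the commit message makes about DISABLE_MPOOL). */
static long live_allocs = 0;
static void *xalloc(size_t n) { void *p = calloc(1, n); if (p) live_allocs++; return p; }
static void xfree(void *p) { if (p) { free(p); live_allocs--; } }
long engine_live_allocs(void) { return live_allocs; }

static char *xstrdup(const char *s)
{
    size_t n = strlen(s) + 1;
    char *d = xalloc(n);
    if (d) memcpy(d, s, n);
    return d;
}

static void icon_matcher_free(struct icon_matcher *m)
{
    if (m == NULL) return;
    for (int g = 0; g < 2; g++) {
        for (uint32_t i = 0; i < m->group_counts[g]; i++) xfree(m->group_names[g][i]);
        xfree(m->group_names[g]);
    }
    xfree(m);
}

/* Append one name to group g, growing the name table by one slot. */
static ex_error_t icon_matcher_add_name(struct icon_matcher *m, int g, const char *name)
{
    uint32_t n = m->group_counts[g];
    char **grown = xalloc((n + 1) * sizeof(char *));
    if (grown == NULL) return EX_EMEM;
    if (n > 0) {
        memcpy(grown, m->group_names[g], n * sizeof(char *));
        xfree(m->group_names[g]);
    }
    m->group_names[g] = grown;
    grown[n] = xstrdup(name);
    if (grown[n] == NULL) return EX_EMEM;
    m->group_counts[g] = n + 1;
    return EX_SUCCESS;
}

/* Load one constructed .idb-style line "<0|1>,<name>". A second load reuses the
 * existing matcher (no leak), and errors unwind through `done`. */
ex_error_t engine_load_idb_line(struct engine *engine, const char *line)
{
    ex_error_t status = EX_EFORMAT;
    int created_here = 0;

    if (engine->iconcheck == NULL) {
        engine->iconcheck = xalloc(sizeof(*engine->iconcheck));
        if (engine->iconcheck == NULL) { status = EX_EMEM; goto done; }
        created_here = 1;
    }
    if (line == NULL || (line[0] != '0' && line[0] != '1') || line[1] != ',' || line[2] == '\0')
        goto done; /* status stays EX_EFORMAT */
    status = icon_matcher_add_name(engine->iconcheck, line[0] - '0', line + 2);

done:
    if (status != EX_SUCCESS && created_here) {
        icon_matcher_free(engine->iconcheck); /* same cleanup the free path uses */
        engine->iconcheck = NULL;
    }
    return status;
}

struct engine *engine_new(const char *certs_directory)
{
    struct engine *e = xalloc(sizeof(*e));
    if (e == NULL) return NULL;
    e->certs_directory = xstrdup(certs_directory);
    if (e->certs_directory == NULL) { xfree(e); return NULL; }
    return e;
}

void engine_free(struct engine *engine)
{
    if (engine == NULL) return;
    icon_matcher_free(engine->iconcheck);
    xfree(engine->certs_directory); /* the field the leak fix adds to the free path */
    xfree(engine);
}

int main(void)
{
    struct engine *e = engine_new("/path/to/certs"); /* constructed value */
    engine_load_idb_line(e, "0,icon_a");
    engine_load_idb_line(e, "1,icon_b"); /* second load: matcher reused */
    engine_free(e);
    printf("live allocations after free: %ld\n", engine_live_allocs());
    return 0;
}
```

Running the program under valgrind, as the pull request description suggests for the real test suite, gives the same answer as the counter: every allocation made by the two loads and by the engine itself is released by `engine_free`.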
Notably: resolve atty and openssl security warnings.
The .sign test files have the min flevel set to 220. It should be 230. Also upgrade clamav-signature-util to v1.2.4 for fix so new .sign files will have the correct min flevel.
The memory allocated for certs_directory in the ClamAV engine is not free'd when the engine is free'd. This isn't readily apparent when using a mempool because the mempool itself is free'd and the issue is masked.

Also: I found that the location in `cl_engine_free()` where we estimate the number of tasks incorrectly placed the fuzzy_hashmap free task in the block where we free the `test_root`, rather than up in the `engine->root` for-loop. Fixed.

Edit: I have also added a fix for a leak when multiple idb signatures are loaded. I discovered this while trying to come up with simple repro steps for anyone wishing to manually test this fix.

Repro steps on Linux, not Mac (requires valgrind):

1. Build clamav with the cmake option `-D DISABLE_MPOOL=ON`
2. Run `ctest -V`