
Memory leak in ahocorasick

Open IvanNardi opened this issue 1 year ago • 0 comments

Oss-fuzz keeps reporting a memory leak in ahocorasick code, via fuzz_filecfg_protocols fuzzer. Some examples (these reports should be public):

- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=64150&q=ndpi&can=1&sort=-id
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=62269&q=ndpi&can=1&sort=-id
- https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=61934&q=ndpi&can=1&sort=-id

It seems that the leak is about inserting duplicated patterns.

The stack reported is something like:

    #6 0x67f7c9 in ac_automata_add [ndpi/src/lib/third_party/src/ahocorasick.c:255](https://github.com/ntop/nDPI/blob/7b2bbb2309264766697507365231fd6ee5717e31/src/lib/third_party/src/ahocorasick.c#L255):19
    #7 0x58df28 in ndpi_add_host_risk_mask [ndpi/src/lib/ndpi_main.c:4262](https://github.com/ntop/nDPI/blob/7b2bbb2309264766697507365231fd6ee5717e31/src/lib/ndpi_main.c#L4262):8
    #8 0x592605 in ndpi_handle_rule [ndpi/src/lib/ndpi_main.c:4344](https://github.com/ntop/nDPI/blob/7b2bbb2309264766697507365231fd6ee5717e31/src/lib/ndpi_main.c#L4344):11
    #9 0x592605 in load_protocols_file_fd [ndpi/src/lib/ndpi_main.c:5036](https://github.com/ntop/nDPI/blob/7b2bbb2309264766697507365231fd6ee5717e31/src/lib/ndpi_main.c#L5036):8

IvanNardi, Jan 12 '24 11:01
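
One way a duplicate insert can leak, shown with a constructed toy pattern store (an added example, not part of the original issue and not nDPI's ahocorasick code; every name in it is hypothetical): the caller allocates a copy of the pattern, the add function rejects the duplicate without taking ownership, and the caller ignores the return code. The tracking table stands in for a leak detector so the leaky and fixed callers can be compared on the same input.

```c
/* Added example: toy pattern store, not nDPI's ahocorasick code; all names are hypothetical. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
enum add_rc { ADD_OK, ADD_DUPLICATE, ADD_ERROR };
#define MAX 64
static char *store[MAX]; /* patterns the store owns */
static int stored;
static char *live[MAX];  /* every tracked string not yet freed */
static char *dup_tracked(const char *s) {
  char *p = malloc(strlen(s) + 1);
  if (!p) return NULL;
  strcpy(p, s);
  for (int i = 0; i < MAX; i++) if (!live[i]) { live[i] = p; return p; }
  free(p); return NULL; /* tracking table full */
}
static void free_tracked(char *p) {
  for (int i = 0; p && i < MAX; i++) if (live[i] == p) { live[i] = NULL; free(p); return; }
}
/* Takes ownership of pat only when it returns ADD_OK. */
static enum add_rc store_add(char *pat) {
  for (int i = 0; i < stored; i++) if (!strcmp(store[i], pat)) return ADD_DUPLICATE;
  if (stored == MAX) return ADD_ERROR;
  store[stored++] = pat;
  return ADD_OK;
}
/* Leaky caller: ignores the return code, so a rejected copy is orphaned. */
static void load_rule_leaky(const char *host) {
  char *copy = dup_tracked(host);
  if (copy) (void)store_add(copy);
}
/* Fixed caller: frees the copy whenever the store did not take it. */
static void load_rule_fixed(const char *host) {
  char *copy = dup_tracked(host);
  if (copy && store_add(copy) != ADD_OK) free_tracked(copy);
}
/* Loads constructed rules with one duplicate, tears the store down, counts and frees orphans. */
static int leaked_after(void (*load)(const char *)) {
  static const char *rules[] = { "a.example", "b.example", "a.example" };
  int n = 0;
  for (size_t i = 0; i < sizeof rules / sizeof rules[0]; i++) load(rules[i]);
  while (stored > 0) free_tracked(store[--stored]);
  for (int i = 0; i < MAX; i++) if (live[i]) { free(live[i]); live[i] = NULL; n++; }
  return n;
}
int main(void) {
  printf("leaky: %d, fixed: %d\n", leaked_after(load_rule_leaky), leaked_after(load_rule_fixed));
  return 0;
}
```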