libsass
LeakSanitizer: detected memory leaks
1. Description
695 byte(s) leaked in 8 allocation(s) when running program ./sassc/bin/sassc; this can be reproduced on the latest commit.
2. Software version info
$ ./sassc/bin/sassc --version
sassc: 3.6.2
libsass: 3.6.5-8-g210218
sass2scss: 1.1.1
sass: 3.5
3. System version info
Ubuntu 20.04.2 LTS
Linux 5.4.0-65-generic
4. Command
./sassc/bin/sassc ./poc1
5. Result
$ ./sassc/bin/sassc ./poc1
Error: Invalid CSS after ":t(0):n({}": expected ")", was ""
on line 1:10 of ./poc1
>> :t(0):n({}
---------^
=================================================================
==1416288==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 208 byte(s) in 1 object(s) allocated from:
#0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
#1 0x6fe299 in Sass::Parser::parse_pseudo_selector() src/parser.cpp:765
#2 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
#3 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
#4 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
#5 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
#6 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
#7 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
#8 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171
Indirect leak of 128 byte(s) in 1 object(s) allocated from:
#0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
#1 0x70cf56 in Sass::Parser::parse_css_variable_value() src/parser.cpp:1594
#2 0x6fe28f in Sass::Parser::parse_pseudo_selector() src/parser.cpp:764
#3 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
#4 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
#5 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
#6 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
#7 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
#8 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
#9 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171
Indirect leak of 120 byte(s) in 1 object(s) allocated from:
#0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
#1 0x70f098 in Sass::Parser::parse_css_variable_value() src/parser.cpp:1633
#2 0x6fe28f in Sass::Parser::parse_pseudo_selector() src/parser.cpp:764
#3 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
#4 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
#5 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
#6 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
#7 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
#8 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
#9 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171
Indirect leak of 120 byte(s) in 1 object(s) allocated from:
#0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
#1 0x70e8ba in Sass::Parser::parse_css_variable_value() src/parser.cpp:1622
#2 0x6fe28f in Sass::Parser::parse_pseudo_selector() src/parser.cpp:764
#3 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
#4 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
#5 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
#6 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
#7 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
#8 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
#9 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171
Indirect leak of 56 byte(s) in 1 object(s) allocated from:
#0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
#1 0x48b1a3 in Sass::Context::register_resource(Sass::Include const&, Sass::Resource const&) src/context.cpp:277
#2 0x499705 in Sass::File_Context::parse() src/context.cpp:579
#3 0x44f7af in Sass::sass_parse_block(Sass_Compiler*) src/sass_context.cpp:182
#4 0x44f7af in sass_compiler_parse src/sass_context.cpp:436
#5 0x44e99b in sass_compile_context(Sass_Context*, Sass::Context*) src/sass_context.cpp:319
Indirect leak of 47 byte(s) in 2 object(s) allocated from:
#0 0x7fbea6bae808 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144
#1 0x444171 in sass_alloc_memory src/sass.cpp:39
#2 0x444171 in sass_copy_c_string src/sass.cpp:51
#3 0x499705 in Sass::File_Context::parse() src/context.cpp:579
#4 0x44f7af in Sass::sass_parse_block(Sass_Compiler*) src/sass_context.cpp:182
#5 0x44f7af in sass_compiler_parse src/sass_context.cpp:436
#6 0x44e99b in sass_compile_context(Sass_Context*, Sass::Context*) src/sass_context.cpp:319
Indirect leak of 16 byte(s) in 1 object(s) allocated from:
#0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
#1 0x7b9602 in __gnu_cxx::new_allocator<Sass::SharedImpl<Sass::PreValue> >::allocate(unsigned long, void const*) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/ext/new_allocator.h:114
#2 0x7b9602 in std::allocator_traits<std::allocator<Sass::SharedImpl<Sass::PreValue> > >::allocate(std::allocator<Sass::SharedImpl<Sass::PreValue> >&, unsigned long) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/alloc_traits.h:443
#3 0x7b9602 in std::_Vector_base<Sass::SharedImpl<Sass::PreValue>, std::allocator<Sass::SharedImpl<Sass::PreValue> > >::_M_allocate(unsigned long) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/stl_vector.h:343
#4 0x7b9602 in void std::vector<Sass::SharedImpl<Sass::PreValue>, std::allocator<Sass::SharedImpl<Sass::PreValue> > >::_M_realloc_insert<Sass::SharedImpl<Sass::PreValue> const&>(__gnu_cxx::__normal_iterator<Sass::SharedImpl<Sass::PreValue>*, std::vector<Sass::SharedImpl<Sass::PreValue>, std::allocator<Sass::SharedImpl<Sass::PreValue> > > >, Sass::SharedImpl<Sass::PreValue> const&) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/vector.tcc:440
#5 0xb877bf in Sass::SimpleSelector::SimpleSelector(Sass::SourceSpan, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >) src/ast_selectors.cpp:75
SUMMARY: AddressSanitizer: 695 byte(s) leaked in 8 allocation(s).
6. POC
Download: poc1
Report of the Information Security Laboratory of Ocean University of China @OUC_ISLOUC @OUC_Blue_Whale