Wireshark-commits: [Wireshark-commits] master e3a7676: quic: fix secret memleaks.

From: Wireshark code review <code-review-do-not-reply@xxxxxxxxxxxxx>
Date: Fri, 02 Feb 2018 22:27:51 +0000
URL: https://code.wireshark.org/review/gitweb?p=wireshark.git;a=commit;h=e3a76761861cf3baad8e9c998345be59bc725a2b
Submitter: Peter Wu (peter@xxxxxxxxxxxxx)
Changed: branch: master
Repository: wireshark

Commits:

e3a7676 by Jakub Zawadzki (darkjames-ws@xxxxxxxxxxxx):

    quic: fix secret memleaks.
    
    It looks like that quic_create_cleartext_decoders() need to free secrets, tls13_cipher_create() only use it as const.
    
    ASAN report:
    ERROR: LeakSanitizer: detected memory leaks
    
    Direct leak of 32 byte(s) in 1 object(s) allocated from:
        #0 0x4e26e8 in __interceptor_malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
        #1 0x225b038 in g_malloc
        #2 0x1742014 in quic_derive_cleartext_secrets /src/wireshark/epan/dissectors/packet-quic.c:1071:10
        #3 0x173e579 in quic_create_cleartext_decoders /src/wireshark/epan/dissectors/packet-quic.c:1091:10
        #4 0x173dc89 in dissect_quic_long_header /src/wireshark/epan/dissectors/packet-quic.c:1221:14
        #5 0x173ced6 in dissect_quic /src/wireshark/epan/dissectors/packet-quic.c:1402:18
    (...)
    
    Direct leak of 32 byte(s) in 1 object(s) allocated from:
        #0 0x4e26e8 in __interceptor_malloc /src/llvm/projects/compiler-rt/lib/asan/asan_malloc_linux.cc:88
        #1 0x225b038 in g_malloc
        #2 0x1741fd5 in quic_derive_cleartext_secrets /src/wireshark/epan/dissectors/packet-quic.c:1065:10
        #3 0x173e579 in quic_create_cleartext_decoders /src/wireshark/epan/dissectors/packet-quic.c:1091:10
        #4 0x173dc89 in dissect_quic_long_header /src/wireshark/epan/dissectors/packet-quic.c:1221:14
        #5 0x173ced6 in dissect_quic /src/wireshark/epan/dissectors/packet-quic.c:1402:18
    (...)
    
    Found by oss-fuzz/5902.
    
    Change-Id: I6f8a4597411ee267773225e45043addb69928d66
    Link: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=5902
    Reviewed-on: https://code.wireshark.org/review/25571
    Petri-Dish: Jakub Zawadzki <darkjames-ws@xxxxxxxxxxxx>
    Tested-by: Petri Dish Buildbot
    Reviewed-by: Peter Wu <peter@xxxxxxxxxxxxx>
    

Actions performed:

    from  f244742   epl: fix map.title memleak.
    adds  e3a7676   quic: fix secret memleaks.


Summary of changes:
 epan/dissectors/packet-quic.c      | 6 +++++-
 epan/dissectors/packet-ssl-utils.c | 2 +-
 epan/dissectors/packet-ssl-utils.h | 2 +-
 3 files changed, 7 insertions(+), 3 deletions(-)