【fuzz】libsass --sanitizer address libsass LeakSanitizer: detected memory leaks

环境信息】
x86
【测试版本】
Name: libsass
Version: 3.6.4

【注意事项】
受影响版本排查（受影响/不受影响）
1、master
2、openEuler-20.03-LTS-SP3
3、openEuler-20.03-LTS-SP1
4、openEuler-20.03-LTS-SP2
5、openEuler-20.03-LTS
6、openEuler-21.03
7、openEuler-20.03-LTS-Next
8、openEuler-21.09
9、openEuler-22.03-LTS
10、openEuler-22.03-LTS-Next
11、openEuler-20.09

一、【测试步骤】
1、编译
python3 infra/helper.py build_fuzzers --sanitizer address libsass
2、执行
python3 infra/helper.py run_fuzzer libsass data_context_fuzzer

【报错信息】
==11==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 5 byte(s) in 1 object(s) allocated from:
    #0 0x562e1d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x595490 in LLVMFuzzerTestOneInput /src/data_context_fuzzer.cc:4:29
    #2 0x49d761 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #3 0x49cea5 in fuzzer::Fuzzer::RunOne(unsigned char const*, unsigned long, bool, fuzzer::InputInfo*, bool*) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:470:3
    #4 0x49ef77 in fuzzer::Fuzzer::MutateAndTestOne() /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:698:19
    #5 0x49f9f5 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:832:5
    #6 0x48e9ce in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:826:6
    #7 0x4b71a2 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #8 0x7f88efc7682f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

Direct leak of 1 byte(s) in 1 object(s) allocated from:
    #0 0x562e1d in malloc /src/llvm-project/compiler-rt/lib/asan/asan_malloc_linux.cpp:145:3
    #1 0x595490 in LLVMFuzzerTestOneInput /src/data_context_fuzzer.cc:4:29
    #2 0x49d761 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:556:15
    #3 0x49f286 in fuzzer::Fuzzer::ReadAndExecuteSeedCorpora(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:743:3
    #4 0x49f6f9 in fuzzer::Fuzzer::Loop(std::__Fuzzer::vector<fuzzer::SizedFile, fuzzer::fuzzer_allocator<fuzzer::SizedFile> >&) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerLoop.cpp:794:3
    #5 0x48e9ce in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerDriver.cpp:826:6
    #6 0x4b71a2 in main /src/llvm-project/compiler-rt/lib/fuzzer/FuzzerMain.cpp:19:10
    #7 0x7f88efc7682f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)

SUMMARY: AddressSanitizer: 6 byte(s) leaked in 2 allocation(s).
INFO: to ignore leaks on libFuzzer side use -detect_leaks=0.

MS: 5 ChangeBinInt-InsertByte-ChangeBinInt-InsertByte-ShuffleBytes-; base unit: 444a425ff4c74a2fbb3eec1cff25a92779a43296
0x0,0x3,0xff,0x55,
\x00\x03\xffU
artifact_prefix='./'; Test unit written to ./leak-44c6372c6f186c54787959ecc92582738df0c865
【预期结果】
运行无异常

【实际结果】
timeout

【复现步骤】
python3 infra/helper.py reproduce libsass data_context_fuzzer leak-72d5aad8a4264b60303accb4749a8c15d150504f

python3 infra/helper.py reproduce libsass data_context_fuzzer leak-44c6372c6f186c54787959ecc92582738df0c865

src-openEuler/libsass
关闭

内容风险标识

评论 (1)

src-openEuler/libsass关闭 .gitee-modal { width: 500px !important; }

内容风险标识