LeakSanitizer: detected memory leaks #3179

Closed
ex7l0it opened this issue Oct 16, 2022 · 1 comment
ex7l0it commented Oct 16, 2022

1. Description

695 byte(s) leaked in 8 allocation(s) when running the program ./sassc/bin/sassc; this can be reproduced on the latest commit.

2. Software version info

$ ./sassc/bin/sassc --version
sassc: 3.6.2
libsass: 3.6.5-8-g210218
sass2scss: 1.1.1
sass: 3.5

3. System version info

Ubuntu 20.04.2 LTS
Linux 5.4.0-65-generic

4. Command

./sassc/bin/sassc ./poc1

5. Result

$ ./sassc/bin/sassc ./poc1
Error: Invalid CSS after ":t(0):n({}": expected ")", was ""
        on line 1:10 of ./poc1
>> :t(0):n({}
   ---------^

=================================================================
==1416288==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 208 byte(s) in 1 object(s) allocated from:
    #0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x6fe299 in Sass::Parser::parse_pseudo_selector() src/parser.cpp:765
    #2 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
    #3 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
    #4 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
    #5 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
    #6 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
    #7 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
    #8 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171

Indirect leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x70cf56 in Sass::Parser::parse_css_variable_value() src/parser.cpp:1594
    #2 0x6fe28f in Sass::Parser::parse_pseudo_selector() src/parser.cpp:764
    #3 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
    #4 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
    #5 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
    #6 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
    #7 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
    #8 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
    #9 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171

Indirect leak of 120 byte(s) in 1 object(s) allocated from:
    #0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x70f098 in Sass::Parser::parse_css_variable_value() src/parser.cpp:1633
    #2 0x6fe28f in Sass::Parser::parse_pseudo_selector() src/parser.cpp:764
    #3 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
    #4 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
    #5 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
    #6 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
    #7 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
    #8 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
    #9 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171

Indirect leak of 120 byte(s) in 1 object(s) allocated from:
    #0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x70e8ba in Sass::Parser::parse_css_variable_value() src/parser.cpp:1622
    #2 0x6fe28f in Sass::Parser::parse_pseudo_selector() src/parser.cpp:764
    #3 0x6f5559 in Sass::Parser::parse_simple_selector() src/parser.cpp
    #4 0x7d24b0 in Sass::Parser::parseCompoundSelector() src/parser_selectors.cpp:171
    #5 0x7cb472 in Sass::Parser::parseComplexSelector(bool) src/parser_selectors.cpp:42
    #6 0x7d53d7 in Sass::Parser::parseSelectorList(bool) src/parser_selectors.cpp:82
    #7 0x6b08b4 in Sass::Parser::parse_ruleset(Lookahead) src/parser.cpp:512
    #8 0x6808a1 in Sass::Parser::parse_block_node(bool) src/parser.cpp:260
    #9 0x678c8d in Sass::Parser::parse_block_nodes(bool) src/parser.cpp:171

Indirect leak of 56 byte(s) in 1 object(s) allocated from:
    #0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x48b1a3 in Sass::Context::register_resource(Sass::Include const&, Sass::Resource const&) src/context.cpp:277
    #2 0x499705 in Sass::File_Context::parse() src/context.cpp:579
    #3 0x44f7af in Sass::sass_parse_block(Sass_Compiler*) src/sass_context.cpp:182
    #4 0x44f7af in sass_compiler_parse src/sass_context.cpp:436
    #5 0x44e99b in sass_compile_context(Sass_Context*, Sass::Context*) src/sass_context.cpp:319

Indirect leak of 47 byte(s) in 2 object(s) allocated from:
    #0 0x7fbea6bae808 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144
    #1 0x444171 in sass_alloc_memory src/sass.cpp:39
    #2 0x444171 in sass_copy_c_string src/sass.cpp:51
    #3 0x499705 in Sass::File_Context::parse() src/context.cpp:579
    #4 0x44f7af in Sass::sass_parse_block(Sass_Compiler*) src/sass_context.cpp:182
    #5 0x44f7af in sass_compiler_parse src/sass_context.cpp:436
    #6 0x44e99b in sass_compile_context(Sass_Context*, Sass::Context*) src/sass_context.cpp:319

Indirect leak of 16 byte(s) in 1 object(s) allocated from:
    #0 0x7fbea6bb0587 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x7b9602 in __gnu_cxx::new_allocator<Sass::SharedImpl<Sass::PreValue> >::allocate(unsigned long, void const*) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/ext/new_allocator.h:114
    #2 0x7b9602 in std::allocator_traits<std::allocator<Sass::SharedImpl<Sass::PreValue> > >::allocate(std::allocator<Sass::SharedImpl<Sass::PreValue> >&, unsigned long) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/alloc_traits.h:443
    #3 0x7b9602 in std::_Vector_base<Sass::SharedImpl<Sass::PreValue>, std::allocator<Sass::SharedImpl<Sass::PreValue> > >::_M_allocate(unsigned long) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/stl_vector.h:343
    #4 0x7b9602 in void std::vector<Sass::SharedImpl<Sass::PreValue>, std::allocator<Sass::SharedImpl<Sass::PreValue> > >::_M_realloc_insert<Sass::SharedImpl<Sass::PreValue> const&>(__gnu_cxx::__normal_iterator<Sass::SharedImpl<Sass::PreValue>*, std::vector<Sass::SharedImpl<Sass::PreValue>, std::allocator<Sass::SharedImpl<Sass::PreValue> > > >, Sass::SharedImpl<Sass::PreValue> const&) /usr/lib/gcc/x86_64-linux-gnu/9/../../../../include/c++/9/bits/vector.tcc:440
    #5 0xb877bf in Sass::SimpleSelector::SimpleSelector(Sass::SourceSpan, std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >) src/ast_selectors.cpp:75

SUMMARY: AddressSanitizer: 695 byte(s) leaked in 8 allocation(s).

6. POC

Download: poc1

Report of the Information Security Laboratory of Ocean University of China @OUC_ISLOUC @OUC_Blue_Whale
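
A triage helper for reports in this format, as an added example that is not part of the original issue or of libsass: it parses the LeakSanitizer blocks, checks their totals against the SUMMARY line, and lists the direct leak first with its first in-project frame. The sample input is a constructed excerpt of the report above, and the function names are this example's own.

```python
import re

# Constructed sample: frames copied from the report above, addresses shortened,
# most blocks dropped and the SUMMARY line recomputed to match the excerpt.
SAMPLE = """\
Direct leak of 208 byte(s) in 1 object(s) allocated from:
    #0 0x1 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x2 in Sass::Parser::parse_pseudo_selector() src/parser.cpp:765

Indirect leak of 128 byte(s) in 1 object(s) allocated from:
    #0 0x1 in operator new(unsigned long) ../../../../src/libsanitizer/asan/asan_new_delete.cc:104
    #1 0x3 in Sass::Parser::parse_css_variable_value() src/parser.cpp:1594

Indirect leak of 47 byte(s) in 2 object(s) allocated from:
    #0 0x4 in __interceptor_malloc ../../../../src/libsanitizer/asan/asan_malloc_linux.cc:144
    #1 0x5 in sass_alloc_memory src/sass.cpp:39

SUMMARY: AddressSanitizer: 383 byte(s) leaked in 4 allocation(s).
"""

HEADER = re.compile(r"(Direct|Indirect) leak of (\d+) byte\(s\) in (\d+) object\(s\)")
FRAME = re.compile(r"\s+#\d+ 0x[0-9a-f]+ in (.+) (\S+)$")  # function, then location
SUMMARY = re.compile(r"SUMMARY: \w+: (\d+) byte\(s\) leaked in (\d+) allocation\(s\)")
RUNTIME = ("libsanitizer", "/usr/lib/", "/include/c++/")  # not project code

def parse_report(text):
    leaks, summary = [], None
    for line in text.splitlines():
        if m := HEADER.match(line):
            leaks.append({"kind": m[1], "bytes": int(m[2]), "objects": int(m[3]), "frames": []})
        elif (m := FRAME.match(line)) and leaks:
            leaks[-1]["frames"].append((m[1], m[2]))
        elif m := SUMMARY.match(line):
            summary = (int(m[1]), int(m[2]))
    return leaks, summary

def alloc_site(leak):
    # First frame outside the sanitizer runtime and the C++ standard library.
    own = [f"{fn} {loc}" for fn, loc in leak["frames"] if not any(p in loc for p in RUNTIME)]
    return own[0] if own else "<unknown>"

def triage(text):
    leaks, summary = parse_report(text)
    totals = (sum(lk["bytes"] for lk in leaks), sum(lk["objects"] for lk in leaks))
    if summary != totals:  # SUMMARY missing or blocks lost: the report is incomplete
        raise ValueError(f"parsed {totals} but SUMMARY says {summary}")
    rows = [(lk["kind"], alloc_site(lk), lk["bytes"], lk["objects"]) for lk in leaks]
    return sorted(rows, key=lambda r: (r[0] != "Direct", -r[2]))  # direct leaks first
```

The seven blocks of the full report above pass the same consistency check: they add up to 695 bytes in 8 allocations, matching its SUMMARY line.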

Contributor

mgreter commented Dec 15, 2023

Addressed via #3184
