24001 – A memory leak issue was discovered in function debug_init in debug.c

Bug 24001 - A memory leak issue was discovered in function debug_init in debug.c

Summary: A memory leak issue was discovered in function debug_init in debug.c

Status:	RESOLVED FIXED

Alias:	None

Product:	binutils
Classification:	Unclassified
Component:	binutils (show other bugs)
Version:	2.31

Importance:	P2 normal
Target Milestone:	---
Assignee:	Not yet assigned to anyone

URL:
Keywords:

Depends on:
Blocks:

Reported:	2018-12-18 14:59 UTC by wcventure
Modified:	2019-01-04 12:21 UTC (History)
CC List:	1 user (show)

See Also:
Host:
Target:
Build:
Last reconfirmed:

Attachments
POC1 (63 bytes, application/octet-stream) 2018-12-18 14:59 UTC, wcventure	Details
POC2 (72 bytes, application/octet-stream) 2018-12-18 14:59 UTC, wcventure	Details
View All Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description wcventure 2018-12-18 14:59:41 UTC

Created attachment 11468 [details]
POC1

Hi there,

A memory leak issue was discovered in debug.c, as distributed in GNU Binutils 2.31. 
In debug_init function in debug.c, the is a heap allocation. But this heap allocation didn't deallocate in the end. The source Code show as follow.

> void *
> debug_init (void)
> {
>   struct debug_handle *ret;
> 
>   ret = (struct debug_handle *) xmalloc (sizeof *ret);
>   memset (ret, 0, sizeof *ret);
>   return (void *) ret;
> }

Please use the "./objdump -xg $POC" to reproduce the bug.
To reproduce this bug. You need to build bintuils-2.31 with ASAN, setting following Command:

> export ASAN_OPTIONS=abort_on_error=1:symbolize=1:detect_leaks=1


The Leak Sanitizer dumps the stack trace as follows:

> =================================================================
> ==12163==ERROR: LeakSanitizer: detected memory leaks
> 
> Direct leak of 96 byte(s) in 1 object(s) allocated from:
>     #0 0x7fcb75396602 in malloc (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x98602)
>     #1 0x8f925b in xmalloc xmalloc.c:147
>     #2 0x4734b9 in debug_init /binutils-2.31_ASAN/binutils/debug.c:666
>     #3 0x47014b in read_debugging_info /binutils-2.31_ASAN/binutils/rddbg.c:51
>     #4 0x41e02c in dump_bfd objdump.c:3637
>     #5 0x41e30e in display_object_bfd objdump.c:3688
>     #6 0x41e89c in display_any_bfd objdump.c:3777
>     #7 0x41e936 in display_file objdump.c:3798
>     #8 0x41fb25 in main objdump.c:4100
>     #9 0x7fcb7404382f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
> 
> SUMMARY: AddressSanitizer: 96 byte(s) leaked in 1 allocation(s).

Comment 1 wcventure 2018-12-18 14:59:59 UTC

Created attachment 11469 [details]
POC2

Comment 2 Sourceware Commits 2019-01-04 12:13:38 UTC

The master branch has been updated by Nick Clifton <nickc@sourceware.org>:

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=cf0ad5bbf2d3fdb751b5f3f49e55d251d48c7416

commit cf0ad5bbf2d3fdb751b5f3f49e55d251d48c7416
Author: Nick Clifton <nickc@redhat.com>
Date:   Fri Jan 4 12:11:51 2019 +0000

    Fix ridiculously small memory leak.
    
    	PR 24001
    	* objcopy.c (copy_object): Free dhandle after writing out the
    	debug information.
    	* objdump.c (dump_bfd): Free dhandle after printing out the debug
    	information.

Comment 3 Nick Clifton 2019-01-04 12:21:48 UTC

Well this is the most trivial bug report that I have ever had to look at.  Honestly is it really worth reporting a memory leak of a few tens of bytes,
especially when they are released when the programs terminate ?

Anyway, I have gone ahead and fixed it because it was simple to trace down the uses of the allocated structure and add a couple of free() statements.