
mbim-codegen,struct: use internal struct free method on read failure

This fixes the leak of the guint32 arrays when they are struct members.

  Direct leak of 132 byte(s) in 1 object(s) allocated from:
      #0 0x560831492d5e in __interceptor_malloc (/usr/libexec/fuzzers/test-mbim-message-fuzzer+0x17fd5e) (BuildId: fe53ba0c94fe4258)
      #1 0x7ff198d7637d in g_malloc /build/amd64-generic/tmp/portage/dev-libs/glib-2.76.4/work/glib-2.76.4-abi_x86_64.amd64/../glib-2.76.4/glib/gmem.c:130:13
      #2 0x5608314c358b in _mbim_message_read_guint32_array /build/amd64-generic/tmp/portage/net-libs/libmbim-9999/work/libmbim-9999-build/../libmbim-9999/src/libmbim-glib/mbim-message.c:494:14
      #3 0x560831555fed in _mbim_message_read_mbim_event_entry_struct /build/amd64-generic/tmp/portage/net-libs/libmbim-9999/work/libmbim-9999-build/src/libmbim-glib/generated/mbim-basic-connect.c:1559:10
      #4 0x560831555fed in _mbim_message_read_mbim_event_entry_ref_struct_array /build/amd64-generic/tmp/portage/net-libs/libmbim-9999/work/libmbim-9999-build/src/libmbim-glib/generated/mbim-basic-connect.c:1612:22
      #5 0x5608315934d1 in mbim_message_device_service_subscribe_list_response_get_printable /build/amd64-generic/tmp/portage/net-libs/libmbim-9999/work/libmbim-9999-build/src/libmbim-glib/generated/mbim-basic-connect.c:10769:14
      #6 0x5608314cc157 in mbim_message_get_printable_full /build/amd64-generic/tmp/portage/net-libs/libmbim-9999/work/libmbim-9999-build/../libmbim-9999/src/libmbim-glib/mbim-message.c
      #7 0x5608314c1e21 in LLVMFuzzerTestOneInput /build/amd64-generic/tmp/portage/net-libs/libmbim-9999/work/libmbim-9999-build/../libmbim-9999/src/libmbim-glib/test/test-message-fuzzer.c:31:17
      #8 0x5608313c6d60 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) (/usr/libexec/fuzzers/test-mbim-message-fuzzer+0xb3d60) (BuildId: fe53ba0c94fe4258)
      #9 0x5608313b1680 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) (/usr/libexec/fuzzers/test-mbim-message-fuzzer+0x9e680) (BuildId: fe53ba0c94fe4258)
      #10 0x5608313b6ab4 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) (/usr/libexec/fuzzers/test-mbim-message-fuzzer+0xa3ab4) (BuildId: fe53ba0c94fe4258)
      #11 0x5608313e2022 in main (/usr/libexec/fuzzers/test-mbim-message-fuzzer+0xcf022) (BuildId: fe53ba0c94fe4258)
      #12 0x7ff1983a36c5 in __libc_start_call_main /var/tmp/portage/cross-x86_64-cros-linux-gnu/glibc-2.35-r25/work/glibc-2.35/csu/../sysdeps/nptl/libc_start_call_main.h:58:16
      #13 0x7ff1983a3781 in __libc_start_main@GLIBC_2.2.5 /var/tmp/portage/cross-x86_64-cros-linux-gnu/glibc-2.35-r25/work/glibc-2.35/csu/../csu/libc-start.c:389:3
      #14 0x5608313a8aa0 in _start (/usr/libexec/fuzzers/test-mbim-message-fuzzer+0x95aa0) (BuildId: fe53ba0c94fe4258)
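
The leak pattern named in the title, shown as an added example that is not libmbim or mbim-codegen code: a struct reader allocates an array member, a later field fails to parse, and the error path decides whether the array is released. It assumes the earlier error path freed only the struct itself; `entry_t`, `entry_read`, `entry_free`, the allocation tracker and the wire layout (count, ids, trailer) are hypothetical.

```c
#include <stdint.h>
#include <stdlib.h>

typedef struct {            /* hypothetical struct with an array member */
    uint32_t  count;
    uint32_t *ids;          /* heap array, like a guint32 array member */
    uint32_t  trailer;      /* field that follows the array */
} entry_t;

static void *live[8];       /* demo-only tracker of outstanding allocations */
static const uint8_t TRUNCATED[] = { 2,0,0,0, 1,0,0,0, 2,0,0,0 }; /* constructed: count=2, no trailer */
static void *xalloc(size_t n) {
    void *p = calloc(1, n);
    for (int i = 0; p && i < 8; i++) if (!live[i]) { live[i] = p; break; }
    return p;
}
static void xfree(void *p) {
    for (int i = 0; p && i < 8; i++) if (live[i] == p) live[i] = NULL;
    free(p);
}
static int live_count(void) {
    int n = 0;
    for (int i = 0; i < 8; i++) n += (live[i] != NULL);
    return n;
}
static uint32_t rd32(const uint8_t *p) {    /* little-endian u32 */
    return p[0] | (uint32_t)p[1] << 8 | (uint32_t)p[2] << 16 | (uint32_t)p[3] << 24;
}
/* Struct free method: releases the members, then the struct. */
static void entry_free(entry_t *e) { if (e) { xfree(e->ids); xfree(e); } }

/* use_struct_free: 0 frees only the struct (array leaks), 1 calls entry_free(). */
static entry_t *entry_read(const uint8_t *buf, size_t len, int use_struct_free) {
    size_t off = 4;
    entry_t *e = xalloc(sizeof *e);
    if (!e) return NULL;
    if (len < 4) goto fail;
    e->count = rd32(buf);
    if (e->count == 0 || e->count > (len - off) / 4) goto fail;
    e->ids = xalloc((size_t)e->count * 4);
    if (!e->ids) goto fail;
    for (uint32_t i = 0; i < e->count; i++, off += 4) e->ids[i] = rd32(buf + off);
    if (len - off < 4) goto fail;   /* truncated after the array was allocated */
    e->trailer = rd32(buf + off);
    return e;
fail:
    if (use_struct_free) entry_free(e); else xfree(e);
    return NULL;
}
```

Reading `TRUNCATED` with `use_struct_free` set to 0 leaves one allocation outstanding in `live_count()`; with 1 it leaves none.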
