
Make sure to free default @text format on error #2771

Merged (1 commit), Jul 25, 2023

Conversation

emanuele6 (Member) commented Jul 25, 2023

It seems that bison doesn't call destructors for mid-rule action components on error, since it does not know their type.

A mid-rule action was used to allocate the "text" string used as format by string literals without a format, which would leak on error.
This patch replaces it with a new NoFormat component of type <literal>.
Now bison will call jv_free() on that string after a syntax error.

Fixes https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=60836

$ ./jq '"'
jq: error: syntax error, unexpected end of file, expecting QQSTRING_TEXT or QQSTRING_INTERP_START or QQSTRING_END (Unix shell quoting issues?) at <top-level>, line 1:
"
jq: 1 compile error

=================================================================
==1495450==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 21 byte(s) in 1 object(s) allocated from:
    #0 0x7fc21aee1359 in __interceptor_malloc /usr/src/debug/gcc/gcc/libsanitizer/asan/asan_malloc_linux.cpp:69
    #1 0x557ccb6ff608 in jv_mem_alloc src/jv_alloc.c:141

SUMMARY: AddressSanitizer: 21 byte(s) leaked in 1 allocation(s).
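The leak pattern and the fix described in this PR, reduced to a stand-alone bison grammar. This is an added illustration, not jq's parser.y; it assumes bison 3.x (for `%empty`) and uses plain `strdup`/`free` where jq uses jv_string()/jv_free().

```yacc
%code top {
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
}
%code { int yylex(void); void yyerror(const char *msg); }
%union { char *str; }
%token LEAKY QQSTRING_START QQSTRING_END
%token <str> QQSTRING_TEXT
%type <str> String LeakyString NoFormat
/* Runs only for symbols bison knows are <str>: a bare mid-rule action
   value has no declared type, so it is skipped when the parse stack is
   discarded after a syntax error. */
%destructor { free($$); } <str>

%%
start: String             { printf("%s\n", $1); free($1); }
     | LEAKY LeakyString  { printf("%s\n", $2); free($2); }
     ;

/* Before: the default format is owned by a mid-rule action value,
   which leaks if QQSTRING_END never arrives. */
LeakyString:
  QQSTRING_START { $<str>$ = strdup("text"); } QQSTRING_TEXT QQSTRING_END
    { $$ = $3; free($<str>2); }
  ;

/* After: the default format comes from an empty <str> nonterminal, so it
   is a typed stack entry and the destructor frees it on error. */
NoFormat: %empty { $$ = strdup("text"); } ;

String:
  NoFormat QQSTRING_START QQSTRING_TEXT QQSTRING_END
    { $$ = $3; free($1); }
  ;
%%
/* Constructed input: an unterminated string literal, like `jq '"'`.
   Any command-line argument selects the leaky grammar path. */
static int toks[3];
static int pos;
int yylex(void) { return toks[pos] ? toks[pos++] : 0; }
void yyerror(const char *msg) { fprintf(stderr, "error: %s\n", msg); }
int main(int argc, char **argv) {
  int i = 0;
  (void)argv;
  if (argc > 1) toks[i++] = LEAKY;
  toks[i] = QQSTRING_START;
  return yyparse();
}
```

Build with `bison -o leak.c leak.y && cc -fsanitize=address leak.c -o leak`: `./leak` fails with a syntax error and exits cleanly, while `./leak leaky` additionally gets a LeakSanitizer report for the 5-byte "text" buffer, the same shape as the 21-byte jv_string leak above.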

nicowilliams (Contributor) commented:

LGTM. Waiting on builds.

@emanuele6 emanuele6 added the bug label Jul 25, 2023
@emanuele6 emanuele6 added this to the 1.7 release milestone Jul 25, 2023
@nicowilliams nicowilliams merged commit ae95864 into jqlang:master Jul 25, 2023
28 checks passed
@emanuele6 emanuele6 deleted the freetext branch July 25, 2023 19:55