oss-fuzz: add test case for cdf ref memleak

==1==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 40 byte(s) in 1 object(s) allocated from:
#0 0x4eb5ff in malloc _asan_rtl_
#1 0x52eb17 in dav1d_ref_wrap /src/dav1d/src/ref.c:58:21
#2 0x52e96c in dav1d_ref_create /src/dav1d/src/ref.c:46:11
#3 0x592299 in dav1d_cdf_thread_alloc /src/dav1d/src/cdf.c:4182:16
#4 0x5511af in dav1d_submit_frame /src/dav1d/src/decode.c:3114:15
#5 0x534fb0 in dav1d_parse_obus /src/dav1d/src/obu.c:1410:24
#6 0x532017 in dav1d_get_picture /src/dav1d/src/lib.c:347:15
#7 0x52bffb in LLVMFuzzerTestOneInput /src/dav1d/tests/libfuzzer/dav1d_fuzzer.c:129:19
#8 0x6808b5 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
#9 0x6560dd in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
#10 0x661926 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9
#11 0x65575c in main /src/libfuzzer/FuzzerMain.cpp:20:10
#12 0x7f185d17982f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291

Indirect leak of 20824 byte(s) in 1 object(s) allocated from:
#0 0x4ec488 in __interceptor_posix_memalign _asan_rtl_
#1 0x52ea4d in dav1d_alloc_aligned /src/dav1d/include/common/mem.h:46:9
#2 0x52e952 in dav1d_ref_create /src/dav1d/src/ref.c:41:18
#3 0x592299 in dav1d_cdf_thread_alloc /src/dav1d/src/cdf.c:4182:16
#4 0x5511af in dav1d_submit_frame /src/dav1d/src/decode.c:3114:15
#5 0x534fb0 in dav1d_parse_obus /src/dav1d/src/obu.c:1410:24
#6 0x532017 in dav1d_get_picture /src/dav1d/src/lib.c:347:15
#7 0x52bffb in LLVMFuzzerTestOneInput /src/dav1d/tests/libfuzzer/dav1d_fuzzer.c:129:19
#8 0x6808b5 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) /src/libfuzzer/FuzzerLoop.cpp:571:15
#9 0x6560dd in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) /src/libfuzzer/FuzzerDriver.cpp:280:6
#10 0x661926 in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) /src/libfuzzer/FuzzerDriver.cpp:713:9
#11 0x65575c in main /src/libfuzzer/FuzzerMain.cpp:20:10
#12 0x7f185d17982f in __libc_start_main /build/glibc-Cl5G7W/glibc-2.23/csu/libc-start.c:291

SUMMARY: AddressSanitizer: 20864 byte(s) leaked in 2 allocation(s).

Edited by Janne Grunau