Skip to content

phpdbg memory leaks by option "-h" #9710

@randomssr

Description

@randomssr

Description

phpdbg memory leaks by misuse of the option "-h"

When the program input contains the option of "-h", the program will cause memory leaks and cause crash.

Test Environment

Ubuntu 20.04, 64 bit PHP (version: 8.0.23)

How to trigger

  1. Compile the program with AddressSanitizer $ CC=/home/root/AFLplusplus/afl-clang-fast CXX=/home/root/AFLplusplus/afl-clang-fast++ CFLAGS="-g -O0 -fsanitize=address" CXXFLAGS="-g -O0 -fsanitize=address" ./configure --prefix=pwd/install
  2. Run command $ ./phpdbg -h

Details

ASAN report

$ ./phpdbg   -h 
�[1mphpdbg�[0m is a lightweight, powerful and easy to use debugging platform for
PHP5.4+
It supports the following commands:

�[1mInformation�[0m
  �[1mlist�[0m      list PHP source
  �[1minfo�[0m      displays information on the debug session
  �[1mprint�[0m     show opcodes
  �[1mframe�[0m     select a stack frame and print a stack frame summary
  �[1mgenerator�[0m show active generators or select a generator frame
  �[1mback�[0m      shows the current backtrace
  �[1mhelp�[0m      provide help on a topic

�[1mStarting and Stopping Execution�[0m
  �[1mexec�[0m      set execution context
  �[1mstdin�[0m     set executing script from stdin
  �[1mrun�[0m       attempt execution
  �[1mstep�[0m      continue execution until other line is reached
  �[1mcontinue�[0m  continue execution
  �[1muntil�[0m     continue execution up to the given location
  �[1mnext�[0m      continue execution up to the given location and halt on the first
line after it
  �[1mfinish�[0m    continue up to end of the current execution frame
  �[1mleave�[0m     continue up to end of the current execution frame and halt after
the calling instruction
  �[1mbreak�[0m     set a breakpoint at the specified target
  �[1mwatch�[0m     set a watchpoint on $variable
  �[1mclear�[0m     clear one or all breakpoints
  �[1mclean�[0m     clean the execution environment

�[1mMiscellaneous�[0m
  �[1mset�[0m       set the phpdbg configuration
  �[1msource�[0m    execute a phpdbginit script
  �[1mregister�[0m  register a phpdbginit function as a command alias
  �[1msh�[0m        shell a command
  �[1mev�[0m        evaluate some code
  �[1mquit�[0m      exit phpdbg

Type �[1mhelp <command>�[0m or (�[1mhelp alias�[0m) to get detailed help on any of the above

---Type <return> to continue or q <return> to quit---
commands, for example �[1mhelp list�[0m or �[1mh l�[0m.  Note that help will also match
partial commands if unique (and list out options if not unique), so �[1mhelp exp�[0m
will give help on the �[1mexport�[0m command, but �[1mhelp ex�[0m will list the summary for
�[1mexec�[0m and �[1mexport�[0m.

Type �[1mhelp aliases�[0m to show a full alias list, including any registered phpdginit
functions
Type �[1mhelp syntax�[0m for a general introduction to the command syntax.
Type �[1mhelp options�[0m for a list of phpdbg command line options.
Type �[1mhelp phpdbginit�[0m to show how to customise the debugger environment.

requested help page could not be found

=================================================================
==865119==ERROR: LeakSanitizer: detected memory leaks



SUMMARY: AddressSanitizer: 6528 byte(s) leaked in 204 allocation(s).

The complete asan report can be seen from ASANReport

PHP Version

PHP 8.0.23

Operating System

No response

Metadata

Metadata

Assignees

No one assigned

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions