Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[BUG] Memory Leak vulnerability in src/network.c #2653

Open
shiyujunz opened this issue Mar 1, 2025 · 0 comments
Open

[BUG] Memory Leak vulnerability in src/network.c #2653

shiyujunz opened this issue Mar 1, 2025 · 0 comments

Comments

@shiyujunz
Copy link

Hi, I have found a potential memory leak bug in src/network.c and would like to report it to the maintainers. Can you please help me to check it? Thank you for your effort and patience!

Below is the execution sequence of the program that may produce the bug.
First, in the file src/utils.c, the function xrealloc_location allocates memory on line 38.
Second, in file src/network.c, the function make_network calls the macro on line 250, which actually calls xrealloc_location to allocate memory for net.delta_rolling_max, and later returns net on line 266.
Third, in file src/network.c, function combine_train_valid_networks calls make_network on line 1491 to allocate memory for net_combined.
Finally, on line 1493, net_combined is redefined as net_train, which causes the previously allocated memory to be inaccessible, leading to a memory leak vulnerability.

Image

Thank you very much for reading and I look forward to hearing from you!
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shiyujunz