[Dnsmasq-discuss] Potential memory leak

Simon Kelley simon at thekelleys.org.uk
Sun Feb 1 17:31:24 UTC 2026



On 31.01.2026 22:42, Matthias Andree wrote:

> I've built dnsmasq v2.93test2 on Fedora Linux 43 (amd64 aka x86_64) with 
> address and undefined behavior sanitizers in GCC and with HAVE_DNSSEC, 
> and I am providing three patches (should suit git-am) to fix
> 
> * one access past the end of the iovec (reading past the iovcnt limit) 
> that triggers AddressSanitizer reproducibly, in read_writev()
> 
> * one "variable may be used uninitialized" (I didn't check the logic, I 
> just bluntly added = NULL to shut up the compiler) in dnssec code
> 
> * one patch that fixes undefined behavior, where base32_decode may shift 
> into the sign bit which might wreak havoc on perverse C implementations 
> (compiler & processor combination); I didn't test whether, as an alternative,
> making the "oc" an unsigned integer could help, because for unsigned 
> integers, wrapping is well-defined, but not for signed integers. We can 
> clear the "oc" when we've written it.
> 
> I haven't seen a memory leak reported by address sanitizer yet, also 
> valgrind in leak-checking mode on FreeBSD didn't holler.
> 
> To reproduce, add #define HAVE_DNSSEC to src/config.h, and change these 
> three lines in Makefile - this assumes your debugger understands DWARF4 
> format and the compiler is reasonably compatible with GCC. You may need to
> tweak ASAN_OPTIONS=detect_leaks=1 to enable leak checking. Note the leak 
> checker availability across operating systems is pretty limited. Systems 
> that don't have it want to forgo that and use a different leak checker 
> (valgrind might work).
> 
>> CFLAGS        = -Wall -W -Og -ggdb3 -gdwarf-4 -fno-omit-frame-pointer
>> LDFLAGS       = -fsanitize=address,undefined
>> COPTS         = -fsanitize=address,undefined
> 

Patches applied. Those build flags work well on Ubuntu 24.04 LTS, and 
have been noted for future use. Thanks.

I'm working on the assumption that there's something unusual in the
OPNsense configuration. Just don't know what it is.

Simon.
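
An added example, not part of the thread and not dnsmasq's code or the applied patch: a base32hex decoder that uses the two remedies mentioned in the quoted message for the shift-into-sign-bit problem, an unsigned accumulator that is cleared after each byte is written. The name `b32hex_decode`, its signature and the sample input are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Map one base32hex character (RFC 4648 extended-hex alphabet) to 0..31, or -1. */
static int b32hex_value(char ch)
{
    if (ch >= '0' && ch <= '9') return ch - '0';
    if (ch >= 'a' && ch <= 'v') return ch - 'a' + 10;
    if (ch >= 'A' && ch <= 'V') return ch - 'A' + 10;
    return -1;
}

/* Decode unpadded base32hex. Returns bytes written, or -1 on a bad character,
 * a full output buffer, or non-zero / excess trailing bits.
 * b32hex_decode is a hypothetical name, not a dnsmasq function. */
long b32hex_decode(const char *in, unsigned char *out, size_t outlen)
{
    uint32_t acc = 0;   /* unsigned, so a left shift can never reach a sign bit */
    unsigned bits = 0;  /* count of pending low bits in acc, always <= 12 */
    size_t n = 0;

    for (; *in != '\0'; in++) {
        int v = b32hex_value(*in);
        if (v < 0)
            return -1;
        acc = (acc << 5) | (uint32_t)v;
        bits += 5;
        if (bits >= 8) {
            if (n == outlen)
                return -1;
            bits -= 8;
            out[n++] = (unsigned char)(acc >> bits);
            acc &= (1u << bits) - 1u;   /* clear what was just written */
        }
    }
    return (bits >= 5 || acc != 0) ? -1 : (long)n;
}

int main(void)
{
    unsigned char buf[20];
    /* Constructed input: 32 characters of all-ones digits (160 bits). */
    long n = b32hex_decode("VVVVVVVVVVVVVVVVVVVVVVVVVVVVVVVV", buf, sizeof buf);
    printf("decoded %ld bytes, last = 0x%02x\n", n, n > 0 ? buf[n - 1] : 0);
    return 0;
}
```

Built with the `-fsanitize=address,undefined` flags quoted above, the 32-character input exercises the long run of set bits that a signed accumulator which is never cleared would eventually shift into its sign bit.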




