WebKit Bugzilla
Bug 223324 - memory leak
Status: NEW
https://bugs.webkit.org/show_bug.cgi?id=223324
Xiaoyu He
Reported
2021-03-16 23:39:07 PDT
Created attachment 423440 [details]
poc

==3031==ERROR: LeakSanitizer: detected memory leaks

Direct leak of 1088 byte(s) in 6 object(s) allocated from:
    #0 0x4e0ee0 (/root/targets/targets/jsc_afl_asan18+0x4e0ee0)
    #1 0x695e87e (/root/targets/targets/jsc_afl_asan18+0x695e87e)

SUMMARY: AddressSanitizer: 1088 byte(s) leaked in 6 allocation(s).
Attachments
poc (227 bytes, text/javascript), 2021-03-16 23:39 PDT, Xiaoyu He, no flags
Radar WebKit Bug Importer
Comment 1
2021-03-16 23:39:17 PDT
<rdar://problem/75513657>
Darin Adler
Comment 2
2021-03-17 18:44:14 PDT
What would make a memory leak become an exploitable security issue?
Xiaoyu He
Comment 3
2021-03-17 18:59:03 PDT
(In reply to Darin Adler from comment #2)
> What would make a memory leak become an exploitable security issue?

A remote attacker with operation privilege could exploit the vulnerability by sending specific messages continuously. A successful exploit may cause some service to become abnormal.
Michael Catanzaro
Comment 4
2023-11-02 12:13:17 PDT
WebKit is filled with memory leaks. The worst that's going to happen is an OOM kill. We don't track these as security bugs. Your report from LeakSanitizer would be a lot more useful if you built with debuginfo enabled, so we can see what's going on. But the poc is sufficient for a bug report.