Created attachment 1507938 [details] ./las2pg POC3 version: libLAS2.4 Summary: There is memory leak at liblas::Open(liblas/liblas.hpp:127) in libLAS. Description: The asan debug is as follows: $./las2pg POC3 ================================================================= ==41016==ERROR: LeakSanitizer: detected memory leaks Direct leak of 520 byte(s) in 1 object(s) allocated from: #0 0x7f94b41c88b2 in operator new(unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x998b2) #1 0x7f94b3f02a37 in liblas::Open(std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > const&, std::_Ios_Openmode) /home/company/real_sanitize/libLAS-master/include/liblas/liblas.hpp:127 #2 0x7f94b3f02a37 in LASReader_Create /home/company/real_sanitize/libLAS-master/src/c_api.cpp:237 Indirect leak of 8192 byte(s) in 1 object(s) allocated from: #0 0x7f94b41c8a32 in operator new[](unsigned long) (/usr/lib/x86_64-linux-gnu/libasan.so.2+0x99a32) #1 0x7f94b276c8a7 in std::basic_filebuf<char, std::char_traits<char> >::_M_allocate_internal_buffer() (/usr/lib/x86_64-linux-gnu/libstdc++.so.6+0xec8a7) SUMMARY: AddressSanitizer: 8712 byte(s) leaked in 2 allocation(s).
This appears to be CVE-2018-20540.
This bug appears to have been reported against 'rawhide' during the Fedora 31 development cycle. Changing version to '31'.
This bug appears to have been reported against 'rawhide' during the Fedora 31 development cycle. Changing version to 31.
This package has changed maintainer in the Fedora. Reassigning to the new maintainer of this component.
FEDORA-2020-6dbbecb893 has been submitted as an update to Fedora 32. https://bodhi.fedoraproject.org/updates/FEDORA-2020-6dbbecb893
FEDORA-2020-b0695fcdf7 has been submitted as an update to Fedora 31. https://bodhi.fedoraproject.org/updates/FEDORA-2020-b0695fcdf7
FEDORA-2020-b0695fcdf7 has been pushed to the Fedora 31 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-b0695fcdf7` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-b0695fcdf7 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2020-6dbbecb893 has been pushed to the Fedora 32 testing repository. In short time you'll be able to install the update with the following command: `sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2020-6dbbecb893` You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2020-6dbbecb893 See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.
FEDORA-2020-6dbbecb893 has been pushed to the Fedora 32 stable repository. If problem still persists, please make note of it in this bug report.
FEDORA-2020-b0695fcdf7 has been pushed to the Fedora 31 stable repository. If problem still persists, please make note of it in this bug report.