[Bug] Infinite Memory Leak when scanning certain .exe file #204

New Issue

claunia · 2026-01-29T21:07:07Z

claunia commented

2026-01-29 21:07:07 +00:00

Originally created by @mills5 on GitHub (Sep 11, 2025).

Originally assigned to: @mnadareski on GitHub.

I was scanning a directory with ProtectionScan when it hung on a 30MB .exe file. I was away from my computer for a few minutes, when I came back ProtectionScan.exe was using 56GB of RAM and increasing.

File in question (slightly too big for github, sorry):
https://www.urazawa.com/other/startup.exe.zip

Steps To Reproduce

Run the latest x64 Windows version of ProtectionScan on startup.exe.
ProtectionScan will hang and infinitely increase RAM usage until it consumes all system RAM.

Originally created by @mills5 on GitHub (Sep 11, 2025). Originally assigned to: @mnadareski on GitHub. I was scanning a directory with ProtectionScan when it hung on a 30MB .exe file. I was away from my computer for a few minutes, when I came back ProtectionScan.exe was using 56GB of RAM and increasing. File in question (slightly too big for github, sorry): https://www.urazawa.com/other/startup.exe.zip ### Steps To Reproduce 1. Run the latest x64 Windows version of ProtectionScan on startup.exe. 2. ProtectionScan will hang and infinitely increase RAM usage until it consumes all system RAM.

claunia closed this issue

2026-01-29 21:07:07 +00:00

claunia commented

2026-01-29 21:07:08 +00:00

@Deterous commented on GitHub (Sep 11, 2025):

Can you confirm that you were using the "rolling release" build here: https://github.com/SabreTools/BinaryObjectScanner/releases/tag/rolling

A lot has changed since the last release, this is likely an issue fixed since then.

@Deterous commented on GitHub (Sep 11, 2025): Can you confirm that you were using the "rolling release" build here: https://github.com/SabreTools/BinaryObjectScanner/releases/tag/rolling A lot has changed since the last release, this is likely an issue fixed since then.

claunia commented

2026-01-29 21:07:08 +00:00

@mills5 commented on GitHub (Sep 11, 2025):

Yes, I was using the rolling release build.

This issue occurs only on the 64-bit build, the 32-bit build successfully checks the file.

@mills5 commented on GitHub (Sep 11, 2025): Yes, I was using the rolling release build. This issue occurs only on the 64-bit build, the 32-bit build successfully checks the file.

claunia commented

2026-01-29 21:07:08 +00:00

@mnadareski commented on GitHub (Sep 11, 2025):

The 32-bit build fails internally which is why it "successfully checks". This is an edge-case executable that has a partially-malformed table that was being parsed as correct.

@mnadareski commented on GitHub (Sep 11, 2025): The 32-bit build fails internally which is why it "successfully checks". This is an edge-case executable that has a partially-malformed table that was being parsed as correct.

claunia commented

2026-01-29 21:07:09 +00:00

@mnadareski commented on GitHub (Sep 12, 2025):

I was able to fix the root cause in a dependent library. Once that new version gets into BOS, I'll close this issue.

@mnadareski commented on GitHub (Sep 12, 2025): I was able to fix the root cause in a dependent library. Once that new version gets into BOS, I'll close this issue.

claunia commented

2026-01-29 21:07:09 +00:00

@mnadareski commented on GitHub (Sep 20, 2025):

Serialization library has been updated, this should be fixed in rolling release.

@mnadareski commented on GitHub (Sep 20, 2025): Serialization library has been updated, this should be fixed in rolling release.

Sign in to join this conversation.

1 Participants

Notifications

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: SabreTools/BinaryObjectScanner#204