I'm running a test system where everything is compiled with the memory safety check system Address Sanitizer (part of gcc, with -fsanitize=address in CFLAGS).
I occasionally get crashes from monit indicating asan has detected a use after free error, I'll paste a stack trace below. I have tried to analyze it, but I'm unfamiliar with the code, so I didn't get very far. Depending on how exactly this is triggered this could be a security issue.
================================================================= ==31663==ERROR: AddressSanitizer: heap-use-after-free on address 0x60700000c213 at pc 0x4323ee bp 0x7ffcd9b620a0 sp 0x7ffcd9b62090 WRITE of size 1 at 0x60700000c213 thread T0 #0 0x4323ed in _handleEvent src/event.c:388 #1 0x4323ed in Event_post src/event.c:462 #2 0x4607fc in _checkTimeout src/validate.c:1183 #3 0x4607fc in validate src/validate.c:1289 #4 0x40efe7 in do_default src/monit.c:586 #5 0x40efe7 in do_action src/monit.c:414 #6 0x40efe7 in main src/monit.c:173 #7 0x7ff1b4e1afcf in __libc_start_main (/lib64/libc.so.6+0x20fcf) #8 0x410369 in _start (/usr/bin/monit+0x410369) 0x60700000c213 is located 35 bytes inside of 80-byte region [0x60700000c1f0,0x60700000c240) freed by thread T0 here: #0 0x7ff1b67b54e1 in __interceptor_free (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.4/libasan.so.1+0x574e1) #1 0x43874b in gc_event src/gc.c:156 previously allocated by thread T0 here: #0 0x7ff1b67b58d9 in calloc (/usr/lib/gcc/x86_64-pc-linux-gnu/4.9.4/libasan.so.1+0x578d9) #1 0x4aeb7b in Mem_calloc src/system/Mem.c:64