-
Notifications
You must be signed in to change notification settings - Fork 1.1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Valgrind reported memory access bugs #9833
base: main
Are you sure you want to change the base?
Valgrind reported memory access bugs #9833
Conversation
Signed off by: Nick Owens - nick.owens@eero.com if we couldn't set NETLINK_EXT_ACK, there's no extra nlmsg attributes in the error. avoid UB and walking uninitialized memory by checking the flag for those attributes. for us, this avoids segfaults and in one instance, an infinite loop while walking the non-existant attributes.
Signed-off by: Nick Owens nick.owens@eero.com this removes a valgrind warning about use of uninitialized memory in a syscall when backtrace is enabled.
Size Report of OpenThread
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Thanks @gabekassel :)
One suggestion below:
src/core/thread/key_manager.hpp
Outdated
@@ -85,7 +85,7 @@ class SecurityPolicy : public otSecurityPolicy, public Equatable<SecurityPolicy> | |||
* and Security Policy Flags. | |||
* | |||
*/ | |||
SecurityPolicy(void) { SetToDefault(); } | |||
SecurityPolicy(void) : otSecurityPolicy() { SetToDefault(); } |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This may not do what we intend in all cases (all toochains) since otSecuretyPolicy()
is a C struct definition (so no constructor is defined for it). Default constructor may not clear all its fields (behavior can be toolchain dependent)
It may be safer to explicitly clear all its bytes. Here is my suggestion:
- We can add
public Clearable<SecurityPolicy>
as a base class toclass SecurityPolicy
:
class SecurityPolicy : public otSecurityPolicy, public Equatable<SecurityPolicy>, public Clearable<SecurityPolicy>
- And then we can add a
Clear()
call inSetToDefault()
method
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
@abtink applied. let me know if that looks right
Codecov ReportAttention: Patch coverage is
Additional details and impacted files@@ Coverage Diff @@
## main #9833 +/- ##
==========================================
+ Coverage 78.86% 82.28% +3.42%
==========================================
Files 537 555 +18
Lines 67706 73691 +5985
==========================================
+ Hits 53393 60635 +7242
+ Misses 14313 13056 -1257
|
69b695d
to
f4482ea
Compare
Signed-off by: Nick Owens nick.owens@eero.com valgrind reports that otSecurityPolicy is used uninitialized, so just make it zero. clear all bytes when setting to default make pretty
f4482ea
to
18fd2a3
Compare
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Looks good. Thanks. Couple of suggested changes below:
Co-authored-by: Abtin Keshavarzian <abtink@google.com>
Co-authored-by: Abtin Keshavarzian <abtink@google.com>
…penthread into gkass/netlink-memory-access
updated |
make pretty still fails - not sure why exactly |
mRotationTime = kDefaultKeyRotationTime; | ||
SetToDefaultFlags(); | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Remove extra line to satisfy pretty check.
mRotationTime = kDefaultKeyRotationTime; | |
SetToDefaultFlags(); | |
mRotationTime = kDefaultKeyRotationTime; | |
SetToDefaultFlags(); |
Fix one serious and two less serious uninitialized memory access bugs in openthread. All of these were found using valgrind.