Package: valgrind
Version: 1:3.10.1-4
Severity: normal
Tags: patch
--- Please enter the report below this line. ---
Hi.
Wenn using socket syscalls (bind in my case) with address families not
specially handled by valgrind (i.e. not AF_INET(6), AF_UNIX,
AF_BLUETOOTH, AF_NETLINK), I get false positives for unitialized memory.
The problem is, that for an unknown address-family the memory of the
sockaddr struct is checked from AFTER the sa_family field for salen bytes,
which then (correctly) finds uninitialized memory AFTER the actual struct.
Either the memory has to be checked for salen - sizeof(sa_family) or the
whole sockaddr struct has to be checked.
These are the two ways to fix this (also attached as patches). I'd prefer
way 1, since I see no reason not to check the sa_family field again, when
it makes the code more readable.
way 1:
--- valgrind-3.10.1.orig/coregrind/m_syswrap/syswrap-generic.c
+++ valgrind-3.10.1/coregrind/m_syswrap/syswrap-generic.c
@@ -1126,7 +1126,7 @@ void pre_mem_read_sockaddr ( ThreadId ti
Note that this can give false positive if this (unknown)
struct sockaddr_???? has padding bytes between its elements. */
VG_(sprintf) ( outmsg, description, "sa_data" );
- PRE_MEM_READ( outmsg, (Addr)&sa->sa_family + sizeof(sa->sa_family),
+ PRE_MEM_READ( outmsg, (Addr)&sa->sa_family,
salen );
break;
}
way 2:
--- valgrind-3.10.1.orig/coregrind/m_syswrap/syswrap-generic.c
+++ valgrind-3.10.1/coregrind/m_syswrap/syswrap-generic.c
@@ -1127,7 +1127,7 @@ void pre_mem_read_sockaddr ( ThreadId ti
struct sockaddr_???? has padding bytes between its elements. */
VG_(sprintf) ( outmsg, description, "sa_data" );
PRE_MEM_READ( outmsg, (Addr)&sa->sa_family + sizeof(sa->sa_family),
- salen );
+ salen - sizeof(sa->sa_family) );
break;
}
Regards
Andre Naujoks
--- System information. ---
Architecture: amd64
Kernel: Linux 4.1.0-2-amd64
Debian Release: stretch/sid
500 unstable ftp.de.debian.org
500 stable dl.google.com
--- Package information. ---
Depends (Version) | Installed
========================-+-===========
libc6 (>= 2.16) |
libc6-dbg |
Recommends (Version) | Installed
===========================-+-===========
valgrind-dbg | 1:3.10.1-4
gdb | 7.10-1
Suggests (Version) | Installed
===========================-+-===========
valgrind-mpi |
kcachegrind |
alleyoop |
valkyrie (>> 1.3.0) |
Index: valgrind-3.10.1/coregrind/m_syswrap/syswrap-generic.c
===================================================================
--- valgrind-3.10.1.orig/coregrind/m_syswrap/syswrap-generic.c
+++ valgrind-3.10.1/coregrind/m_syswrap/syswrap-generic.c
@@ -1126,7 +1126,7 @@ void pre_mem_read_sockaddr ( ThreadId ti
Note that this can give false positive if this (unknown)
struct sockaddr_???? has padding bytes between its elements. */
VG_(sprintf) ( outmsg, description, "sa_data" );
- PRE_MEM_READ( outmsg, (Addr)&sa->sa_family + sizeof(sa->sa_family),
+ PRE_MEM_READ( outmsg, (Addr)&sa->sa_family,
salen );
break;
}
Index: valgrind-3.10.1/coregrind/m_syswrap/syswrap-generic.c
===================================================================
--- valgrind-3.10.1.orig/coregrind/m_syswrap/syswrap-generic.c
+++ valgrind-3.10.1/coregrind/m_syswrap/syswrap-generic.c
@@ -1127,7 +1127,7 @@ void pre_mem_read_sockaddr ( ThreadId ti
struct sockaddr_???? has padding bytes between its elements. */
VG_(sprintf) ( outmsg, description, "sa_data" );
PRE_MEM_READ( outmsg, (Addr)&sa->sa_family + sizeof(sa->sa_family),
- salen );
+ salen - sizeof(sa->sa_family) );
break;
}
