Usage of uninitialized data with sendmsg reported by valgrind #883

Description

@illwieckz

It's likely already uninitialized when InternalSendMsg is called.

==00:00:00:02.994 1245482== Warning: set address range perms: large range [0x9be1080, 0x29be1080) (undefined)
==00:00:00:02.994 1245482== Syscall param sendmsg(msg.msg_iov[3]) points to uninitialised byte(s)
==00:00:00:02.994 1245482==    at 0x054c590d: __libc_sendmsg (sendmsg.c:28)
==00:00:00:02.994 1245482==    by 0x054c590d: sendmsg (sendmsg.c:25)
==00:00:00:02.994 1245482==    by 0x00441d8a: NaClSendDatagram (nacl_imc.cc:132)
==00:00:00:02.994 1245482==    by 0x003afbc3: IPC::InternalSendMsg(int, bool, IPC::FileDesc const*, unsigned long, void const*, unsigned long) (Primitives.cpp:284)
==00:00:00:02.994 1245482==    by 0x003afd70: IPC::Socket::SendMsg(Util::Writer const&)
==00:00:00:02.994 1245482==    Address 0x9609f22 is 18 bytes inside a block of size 15,012 alloc'd
==00:00:00:02.994 1245482==    at 0x04845013: operator
==00:00:00:02.994 1245482==    by 0x0019f428: std::__new_allocator<char>::allocate(unsigned long, void const*) (new_allocator.h:137)
==00:00:00:02.994 1245482==    by 0x0019bfd3: std::allocator_traits<std::allocator<char>
==00:00:00:02.994 1245482==    by 0x0019f24d: std::_Vector_base<char,
==00:00:00:02.994 1245482==    Uninitialised value was created by a heap allocation
==00:00:00:02.994 1245482==    at 0x048462f3: operator
==00:00:00:02.994 1245482==    by 0x00404bb1: VM::CommonVMServices::HandleCommonQVMSyscall(int, Util::Reader&, IPC::Channel&)
==00:00:00:02.994 1245482==    by 0x0040acf4: decltype (((declval<VM:0)
==00:00:00:02.994 1245482==    by 0x00409e45: decltype (apply_impl((declval<VM:0)
==00:00:00:26.993 1288355== Syscall param sendmsg(msg.msg_iov[3]) points to uninitialised byte(s)
==00:00:00:26.993 1288355==    at 0x054c590d: __libc_sendmsg (sendmsg.c:28)
==00:00:00:26.993 1288355==    by 0x054c590d: sendmsg (sendmsg.c:25)
==00:00:00:26.993 1288355==    by 0x00441d8a: NaClSendDatagram (nacl_imc.cc:132)
==00:00:00:26.993 1288355==    by 0x003afbc3: IPC::InternalSendMsg(int, bool, IPC::FileDesc const*, unsigned long, void const*, unsigned long) (Primitives.cpp:284)
==00:00:00:26.993 1288355==    by 0x003afd70: IPC::Socket::SendMsg(Util::Writer const&)
==00:00:00:26.993 1288355==    Address 0x95e4132 is 18 bytes inside a block of size 15,012 alloc'd
==00:00:00:26.993 1288355==    at 0x04845013: operator
==00:00:00:26.993 1288355==    by 0x0019f428: std::__new_allocator<char>::allocate(unsigned long, void const*) (new_allocator.h:137)
==00:00:00:26.993 1288355==    by 0x0019bfd3: std::allocator_traits<std::allocator<char>
==00:00:00:26.993 1288355==    by 0x0019f24d: std::_Vector_base<char,
==00:00:00:26.993 1288355==    Uninitialised value was created by a heap allocation
==00:00:00:26.993 1288355==    at 0x048462f3: operator
==00:00:00:26.993 1288355==    by 0x00404bb1: VM::CommonVMServices::HandleCommonQVMSyscall(int, Util::Reader&, IPC::Channel&)
==00:00:00:26.993 1288355==    by 0x0040acf4: decltype (((declval<VM:0)
==00:00:00:26.993 1288355==    by 0x00409e45: decltype (apply_impl((declval<VM:0)

Maybe the uninitialized data is the handle but I'm not sure.
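The Valgrind report above says that one of the sendmsg iovecs points into a heap block (a std::vector<char> allocation made while handling a VM syscall) whose bytes were never written before the message was sent. The C program below is an added example, not code from the project in this issue: it reproduces the pattern with a small message writer whose "skip" operation advances the cursor without writing, poison-fills fresh buffers so a plain scan can stand in for Valgrind's uninitialised-byte tracking, and sends the buffer with sendmsg over a local socketpair to show that the peer really receives whatever was in the heap. The writer API, the POISON value, the message layout and the handle field are all constructed for the example; they are not the project's wire format.

```c
#define _POSIX_C_SOURCE 200809L
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>
#include <unistd.h>

/* Poison byte written into freshly malloc'd buffers. Real uninitialised memory
 * holds leftovers from earlier allocations; a fixed value lets count_unwritten()
 * find never-written bytes the way Valgrind/MSan would (constructed for the example). */
#define POISON 0xA5u

typedef struct {
    uint8_t *data;
    size_t cap;   /* bytes allocated */
    size_t len;   /* bytes the writer claims to have produced */
} writer_t;

/* zero_init = 0 mimics malloc with no initialisation (the reported pattern);
 * zero_init = 1 is the calloc-style mitigation. */
static int writer_init(writer_t *w, size_t cap, int zero_init)
{
    w->data = zero_init ? calloc(cap, 1) : malloc(cap);
    if (w->data == NULL) return -1;
    if (!zero_init) memset(w->data, POISON, cap);
    w->cap = cap;
    w->len = 0;
    return 0;
}

static int writer_put(writer_t *w, const void *src, size_t n)
{
    if (n > w->cap - w->len) return -1;
    memcpy(w->data + w->len, src, n);
    w->len += n;
    return 0;
}

/* Advance the cursor without writing: the defect pattern, a field that is
 * "reserved" for later but never filled before the buffer is handed to sendmsg. */
static int writer_skip(writer_t *w, size_t n)
{
    if (n > w->cap - w->len) return -1;
    w->len += n;
    return 0;
}

/* Hypothetical layout: uint32 type | uint32 payload length | uint64 handle | payload.
 * fill_handle = 0 reproduces the bug, fill_handle = 1 is the corrected builder. */
static int build_message(writer_t *w, uint32_t type, const char *payload, int fill_handle)
{
    uint32_t plen = (uint32_t)strlen(payload);
    uint64_t handle = 0x1234;  /* constructed value */
    if (writer_put(w, &type, sizeof type) < 0) return -1;
    if (writer_put(w, &plen, sizeof plen) < 0) return -1;
    if (fill_handle) {
        if (writer_put(w, &handle, sizeof handle) < 0) return -1;
    } else if (writer_skip(w, sizeof handle) < 0) {
        return -1;
    }
    return writer_put(w, payload, plen);
}

/* Bytes in [0, len) still holding the poison value, i.e. never written by the
 * builder. A written byte that happens to equal POISON is counted too, so treat
 * this as a pre-send sanity check rather than proof of correctness. */
static size_t count_unwritten(const writer_t *w)
{
    size_t n = 0;
    for (size_t i = 0; i < w->len; i++)
        if (w->data[i] == POISON) n++;
    return n;
}

/* Send the buffer with sendmsg over a local datagram socketpair and read it back,
 * so the peer's view of the heap contents is visible. Returns bytes received or -1. */
static ssize_t roundtrip(const writer_t *w, uint8_t *out, size_t outcap)
{
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_DGRAM, 0, sv) < 0) return -1;
    struct iovec iov = { .iov_base = w->data, .iov_len = w->len };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };
    ssize_t sent = sendmsg(sv[0], &msg, 0);
    ssize_t got = sent < 0 ? -1 : read(sv[1], out, outcap);
    close(sv[0]);
    close(sv[1]);
    return got;
}

int main(void)
{
    writer_t w;
    uint8_t got[64];
    if (writer_init(&w, 64, 0) < 0 || build_message(&w, 7, "hello", 0) < 0) return 1;
    printf("unfilled handle: %zu unwritten bytes out of %zu\n", count_unwritten(&w), w.len);
    ssize_t n = roundtrip(&w, got, sizeof got);
    printf("peer received %zd bytes, byte 8 = 0x%02x\n", n, n > 8 ? got[8] : 0u);
    free(w.data);
    return 0;
}
```

Run under `valgrind --track-origins=yes` with the poison memset removed, and the unfilled-handle variant produces the same "Syscall param sendmsg(msg.msg_iov[...]) points to uninitialised byte(s)" warning with the heap allocation in writer_init as the origin, which is the shape of the report in this issue. The poison scan is useful as a cheap pre-send assertion in debug builds; zero-initialising the buffer silences the warning but only hides the missing write, so the builder fix (writing every field the length claims) is the real correction.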
