tf2_ros: lock-order-inversion, eprosima::fastrtps::rtps::Sta... #509

vmayoral · 2019-10-21T17:38:56Z

{
    "id": 509,
    "title": "tf2_ros: lock-order-inversion, eprosima::fastrtps::rtps::Sta...",
    "type": "weakness",
    "description": "Issue detected while running Google Sanitizers. ",
    "cwe": "None",
    "cve": "None",
    "keywords": [
        "components software",
        "master",
        "package: tf2_ros",
        "robot component: ROS2",
        "weakness"
    ],
    "system": "ros2",
    "vendor": "N/A",
    "severity": {
        "rvss-score": "None",
        "rvss-vector": "N/A",
        "severity-description": "",
        "cvss-score": 0,
        "cvss-vector": ""
    },
    "links": [
        "https://github.com/aliasrobotics/RVD/issues/509"
    ],
    "flaw": {
        "phase": "testing",
        "specificity": "ROS-specific",
        "architectural-location": "platform code",
        "application": "N/A",
        "subsystem": "cognition:ros2",
        "package": "tf2_ros",
        "languages": "None",
        "date-detected": "Mon, 21 Oct 2019 17:38:55 +0000",
        "detected-by": "",
        "detected-by-method": "testing dynamic",
        "date-reported": "Mon, 21 Oct 2019 17:38:55 +0000",
        "reported-by": "Alias Robotics (http://aliasrobotics.com)",
        "reported-by-relationship": "automatic",
        "issue": "https://github.com/aliasrobotics/RVD/issues/509",
        "reproducibility": "always",
        "trace": "    #0 pthread_mutex_lock <null> (libtsan.so.0+0x3fadb)\r\n    #1 __gthread_mutex_lock /usr/include/x86_64-linux-gnu/c++/7/bits/gthr-default.h:748 (libfastrtps.so.1+0x23813e)\r\n    #2 __gthread_recursive_mutex_lock /usr/include/x86_64-linux-gnu/c++/7/bits/gthr-default.h:810 (libfastrtps.so.1+0x23813e)\r\n    #3 std::recursive_timed_mutex::lock() /usr/include/c++/7/mutex:252 (libfastrtps.so.1+0x23813e)\r\n    #4 std::unique_lock<std::recursive_timed_mutex>::lock() /usr/include/c++/7/bits/std_mutex.h:267 (libfastrtps.so.1+0x23813e)\r\n    #5 std::unique_lock<std::recursive_timed_mutex>::unique_lock(std::recursive_timed_mutex&) /usr/include/c++/7/bits/std_mutex.h:197 (libfastrtps.so.1+0x23813e)\r\n    #6 eprosima::fastrtps::rtps::StatefulReader::matched_writer_remove(eprosima::fastrtps::rtps::GUID_t const&) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/reader/StatefulReader.cpp:182 (libfastrtps.so.1+0x23813e)\r\n    #7 eprosima::fastrtps::rtps::EDPSimple::removeRemoteEndpoints(eprosima::fastrtps::rtps::ParticipantProxyData*) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/builtin/discovery/endpoint/EDPSimple.cpp:821 (libfastrtps.so.1+0x5443d2)\r\n    #8 eprosima::fastrtps::rtps::PDP::remove_remote_participant(eprosima::fastrtps::rtps::GUID_t const&, eprosima::fastrtps::rtps::ParticipantDiscoveryInfo::DISCOVERY_STATUS) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/builtin/discovery/participant/PDP.cpp:899 (libfastrtps.so.1+0x4f4c80)\r\n    #9 eprosima::fastrtps::rtps::PDPListener::onNewCacheChangeAdded(eprosima::fastrtps::rtps::RTPSReader*, eprosima::fastrtps::rtps::CacheChange_t const*) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/builtin/discovery/participant/PDPListener.cpp:166 (libfastrtps.so.1+0x502113)\r\n    #10 eprosima::fastrtps::rtps::StatelessReader::change_received(eprosima::fastrtps::rtps::CacheChange_t*) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/reader/StatelessReader.cpp:166 (libfastrtps.so.1+0x23ab61)\r\n    #11 eprosima::fastrtps::rtps::StatelessReader::processDataMsg(eprosima::fastrtps::rtps::CacheChange_t*) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/reader/StatelessReader.cpp:321 (libfastrtps.so.1+0x23eb20)\r\n    #12 operator() /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/messages/MessageReceiver.cpp:638 (libfastrtps.so.1+0x276040)\r\n    #13 _M_invoke /usr/include/c++/7/bits/std_function.h:316 (libfastrtps.so.1+0x276040)\r\n    #14 std::function<void (eprosima::fastrtps::rtps::RTPSReader*)>::operator()(eprosima::fastrtps::rtps::RTPSReader*) const /usr/include/c++/7/bits/std_function.h:706 (libfastrtps.so.1+0x28ab5b)\r\n    #15 eprosima::fastrtps::rtps::MessageReceiver::findAllReaders(eprosima::fastrtps::rtps::EntityId_t const&, std::function<void (eprosima::fastrtps::rtps::RTPSReader*)>) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/messages/MessageReceiver.cpp:476 (libfastrtps.so.1+0x27e6c2)\r\n    #16 eprosima::fastrtps::rtps::MessageReceiver::proc_Submsg_Data(eprosima::fastrtps::rtps::CDRMessage_t*, eprosima::fastrtps::rtps::SubmessageHeader_t*) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/messages/MessageReceiver.cpp:635 (libfastrtps.so.1+0x280659)\r\n    #17 eprosima::fastrtps::rtps::MessageReceiver::processCDRMsg(eprosima::fastrtps::rtps::Locator_t const&, eprosima::fastrtps::rtps::CDRMessage_t*) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/messages/MessageReceiver.cpp:232 (libfastrtps.so.1+0x288b07)\r\n    #18 eprosima::fastrtps::rtps::ReceiverResource::OnDataReceived(unsigned char const*, unsigned int, eprosima::fastrtps::rtps::Locator_t const&, eprosima::fastrtps::rtps::Locator_t const&) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/rtps/network/ReceiverResource.cpp:99 (libfastrtps.so.1+0x28ea03)\r\n    #19 eprosima::fastrtps::rtps::UDPChannelResource::perform_listen_operation(eprosima::fastrtps::rtps::Locator_t) /opt/ros2_ws/src/eProsima/Fast-RTPS/src/cpp/transport/UDPChannelResource.cpp:62 (libfastrtps.so.1+0x3149c4)\r\n    #20 std::thread::_State_impl<std::thread::_Invoker<std::tuple<void (eprosima::fastrtps::rtps::UDPChannelResource::*)(eprosima::fastrtps::rtps::Locator_t), eprosima::fastrtps::rtps::UDPChannelResource*, eprosima::fastrtps::rtps::Locator_t> > >::_M_run() <null> (libfastrtps.so.1+0x316c71)\r\n    #21 <null> <null> (libstdc++.so.6+0xbd66e)\r\n\r\n",
        "reproduction": "Find a    pre-compiled environment in the Docker image below. Reproducing it implies    source the workspace, finding the appropriate test and executing it.",
        "reproduction-image": "registry.gitlab.com/aliasrobotics/offensive/alurity/ros2/ros2:build-tsan2-commit-b2dca472a35109cece17d3e61b18af5cb9be5772"
    },
    "exploitation": {
        "description": "",
        "exploitation-image": "",
        "exploitation-vector": ""
    },
    "mitigation": {
        "description": "",
        "pull-request": ""
    }
}

github-actions · 2019-10-27T17:03:11Z

Feedback (automatically generated):

FIXME: Flaw not identified as a vulnerability, weakness or exposure. Have you included # Vulnerability (or Weakness or Exposure) report at the top of the ticket?, see for more information or review other tickets to get inspiration

Please review the feedback above. Once addressed, either request the removal of the malformed label to trigger another automatic review.

github-actions · 2019-10-27T17:55:34Z

Feedback (automatically generated):

FIXME: Attack vector not present in summary table or invalid, see for more information or review other tickets and get inspiration

Please review the feedback above. Once addressed, either request the removal of the malformed label to trigger another automatic review.

vmayoral · 2019-11-27T08:19:48Z

DUPLICATE: Tagging this ticket as duplicate. Referencing to RVD#291: rcl: lock-order-inversion, eprosima::fastrtps::rtps::Livelin... #291

vmayoral added components software Vulnerabilities in purely software robot components (e.g. a the ROS navigation stack) master package: tf2_ros robot component: ROS2 bug An error, flaw, failure or fault in a computer program or system that causes it to produce an incorr labels Oct 21, 2019

github-actions bot added the malformed label Oct 27, 2019

vmayoral removed the malformed label Oct 27, 2019

github-actions bot added the malformed label Oct 27, 2019

vmayoral removed the malformed label Oct 27, 2019

vmayoral mentioned this issue Nov 21, 2019

ROS 2 Eloquent Elusor ros2/ros2#734

Closed

34 tasks

vmayoral added the invalid Invalid flaw, applies to invalid entries, duplicated ones and PRs as well label Nov 25, 2019

vmayoral closed this as completed Nov 25, 2019

vmayoral removed the invalid Invalid flaw, applies to invalid entries, duplicated ones and PRs as well label Nov 25, 2019

vmayoral reopened this Nov 25, 2019

vmayoral added the duplicate This issue or pull request already exists label Nov 27, 2019

vmayoral closed this as completed Nov 27, 2019

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

tf2_ros: lock-order-inversion, eprosima::fastrtps::rtps::Sta... #509

tf2_ros: lock-order-inversion, eprosima::fastrtps::rtps::Sta... #509

vmayoral commented Oct 21, 2019 •

edited

Loading

github-actions bot commented Oct 27, 2019

github-actions bot commented Oct 27, 2019

vmayoral commented Nov 27, 2019

tf2_ros: lock-order-inversion, eprosima::fastrtps::rtps::Sta... #509

tf2_ros: lock-order-inversion, eprosima::fastrtps::rtps::Sta... #509

Comments

vmayoral commented Oct 21, 2019 • edited Loading

github-actions bot commented Oct 27, 2019

Feedback (automatically generated):

github-actions bot commented Oct 27, 2019

Feedback (automatically generated):

vmayoral commented Nov 27, 2019

vmayoral commented Oct 21, 2019 •

edited

Loading