fix: always initialize threadinfo on the stack

Signed-off-by: Roberto Scolaro <roberto.scolaro21@gmail.com>
falcosecurity · Dec 19, 2023 · 0d65836 · 0d65836
1 parent 0eb9445
commit 0d65836
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 1 deletion.
diff --git a/userspace/libscap/linux/scap_procs.c b/userspace/libscap/linux/scap_procs.c
@@ -565,6 +565,8 @@ static int32_t scap_proc_add_from_proc(struct scap_linux_platform* linux_platfor
 	int32_t res = SCAP_SUCCESS;
 	struct stat dirstat;
 
+	memset(&tinfo, 0, sizeof(scap_threadinfo));
+
 	snprintf(dir_name, sizeof(dir_name), "%s/%u/", procdirname, tid);
 	snprintf(filename, sizeof(filename), "%sexe", dir_name);
 

diff --git a/userspace/libsinsp/parsers.cpp b/userspace/libsinsp/parsers.cpp
@@ -4184,6 +4184,8 @@ void sinsp_parser::parse_rw_exit(sinsp_evt *evt)
 						char error[SCAP_LASTERR_SIZE];
 						scap_threadinfo scap_tinfo {};
 
+						memset(&scap_tinfo, 0, sizeof(scap_tinfo));
+
 						m_inspector->m_thread_manager->thread_to_scap(*evt->m_tinfo, &scap_tinfo);
 
 						// Get the new fds. The callbacks we have registered populate the fd table

diff --git a/userspace/libsinsp/threadinfo.cpp b/userspace/libsinsp/threadinfo.cpp
@@ -1903,6 +1903,8 @@ void sinsp_thread_manager::dump_threads_to_file(scap_dumper_t* dumper)
 		uint32_t entrylen = 0;
 		auto cg = tinfo.cgroups();
 
+		memset(&sctinfo, 0, sizeof(scap_threadinfo));
+
 		thread_to_scap(tinfo, &sctinfo);
 		tinfo.args_to_iovec(&args_iov, &argscnt, argsrem);
 		tinfo.env_to_iovec(&envs_iov, &envscnt, envsrem);
@@ -1949,6 +1951,8 @@ void sinsp_thread_manager::dump_threads_to_file(scap_dumper_t* dumper)
 
 		scap_threadinfo sctinfo {};
 
+		memset(&sctinfo, 0, sizeof(scap_threadinfo));
+
 		// Note: as scap_fd_add/scap_write_proc_fds do not use
 		// any of the array-based fields like comm, etc. a
 		// shallow copy is safe
@@ -2031,7 +2035,15 @@ threadinfo_map_t::ptr_t sinsp_thread_manager::get_thread_ref(int64_t tid, bool q
         }
 
         scap_threadinfo scap_proc {};
-	bool have_scap_proc = false;
+        bool have_scap_proc = false;
+
+        // leaving scap_proc uninitialized could lead to undefined behaviour.
+        // to be safe we should initialized to zero.
+        memset(&scap_proc, 0, sizeof(scap_threadinfo));
+
+        scap_proc.tid = -1;
+        scap_proc.pid = -1;
+        scap_proc.ptid = -1;
 
 		// unfortunately, sinsp owns the threade factory
         sinsp_threadinfo* newti = m_inspector->build_threadinfo();