Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Modified OSSL_parse_url to force initialization of pport_num to 0. #21109

Closed
wants to merge 1 commit into from
Closed

Modified OSSL_parse_url to force initialization of pport_num to 0. #21109

wants to merge 1 commit into from

Conversation

rsbeckerca
Copy link
Contributor

This change is intended to provide some safety for occasional random failures that have appeared in 80-test_cmp_http
on NonStop x86 when run in a complex CI/CD Jenkins environment. This change also adds init_pint() to handle the
initialization of a pointer to int value.

Fixes #21083

@rsbeckerca
Modified OSSL_parse_url to initialize pport_num to 0.
33fe5fa 
This change is intended to provide some safety for uninitialized stack failures
that have appeared in 80-test_cmp_http on NonStop x86 when run in a complex
CI/CD Jenkins environment. This change also adds init_pint() to handle the
initialization of a pointer to int value.

Fixes: openssl#21083

Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>
@rsbeckerca
Copy link
Contributor Author

This PR is based on 3.1, tested with 3.1 and master, and can also be applied to master, and 3.0 as well.

@paulidale paulidale added branch: master Merge to master branch approval: review pending This pull request needs review by a committer triaged: bug The issue/pr is/fixes a bug branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 labels Jun 1, 2023
@levitte levitte added approval: done This pull request has the required number of approvals and removed approval: review pending This pull request needs review by a committer labels Jun 2, 2023
t8m
t8m reviewed Jun 2, 2023
View reviewed changes
crypto/http/http_lib.c
@@ -54,6 +61,7 @@ int OSSL_parse_url(const char *url, char **pscheme, char **puser, char **phost,
init_pstring(puser);
init_pstring(phost);
init_pstring(pport);
init_pint(pport_num);
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I really do not understand how this change can help. Without it, the *pport_num will be left uninitialized only in case the OSSL_parse_url() call fails. Why that could change anything? IMO this is not the cause for the problem you've seen @rsbeckerca. I suspect there is something more subtle with these tests in regards to timing, etc.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The line:

openssl/crypto/http/http_lib.c

Line 113 in 168d93a

if (!sscanf(port, "%u", &portnum) || portnum > 65535) {

does not use sscanf correctly. Specifying !scanf strictly checks for 0 vs. non-zero instead of what would be semantically better as sscanf(...) != 1, since sscanf returns the number of arguments processed rather than an error. I understand that that check is probably fine. Also, there is a redundant initialization of pport in OSSL_HTTP_parse_url.

I am just trying to be safe about initialized values on the stack. If the PR does not matter, it can be dropped.

Copy link
Contributor

@DDvO DDvO Jul 14, 2023
edited

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Good point that the result of sscanf() should better be checked using != 1.
Yet in this case with one variable to be filled, (effectively) using == 0 boils down to the same.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The call init_pstring(pport); in OSSL_HTTP_parse_url() is not redundant -
note that the subsequent

    if (!OSSL_parse_url(url, &scheme, puser, phost, &port, pport_num,
                        ppath, pquery, pfrag))
        return 0;

uses a different port variable pointer (&port) and may return on error, and the initialization is for that case.

@openssl-machine openssl-machine added approval: ready to merge The 24 hour grace period has passed, ready to merge and removed approval: done This pull request has the required number of approvals labels Jun 3, 2023
@openssl-machine
Copy link
Collaborator

This pull request is ready to merge

@tmshort
Copy link
Contributor

tmshort commented Jun 11, 2023

CIFuzz is failing, and if this is going into master, shouldn't this PR be against the master branch?

@t8m
Copy link
Member

t8m commented Jun 12, 2023

CIFuzz is failing, and if this is going into master, shouldn't this PR be against the master branch?

It is not required. CIFuzz fail is unrelated.

@t8m t8m added the tests: exempted The PR is exempt from requirements for testing label Jun 12, 2023
@t8m t8m closed this Jun 12, 2023
@t8m t8m reopened this Jun 12, 2023
@t8m
Copy link
Member

t8m commented Jul 14, 2023

Merged to master, 3.1, and 3.0 branches. Thank you.

@t8m t8m closed this Jul 14, 2023
openssl-machine pushed a commit that referenced this pull request Jul 14, 2023
@rsbeckerca @t8m
Modified OSSL_parse_url to initialize pport_num to 0.
ba189e0 
This change is intended to provide some safety for uninitialized stack failures
that have appeared in 80-test_cmp_http on NonStop x86 when run in a complex
CI/CD Jenkins environment. This change also adds init_pint() to handle the
initialization of a pointer to int value.

Fixes: #21083

Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #21109)

(cherry picked from commit 45cd255)
openssl-machine pushed a commit that referenced this pull request Jul 14, 2023
@rsbeckerca @t8m
Modified OSSL_parse_url to initialize pport_num to 0.
45cd255 
This change is intended to provide some safety for uninitialized stack failures
that have appeared in 80-test_cmp_http on NonStop x86 when run in a complex
CI/CD Jenkins environment. This change also adds init_pint() to handle the
initialization of a pointer to int value.

Fixes: #21083

Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #21109)
openssl-machine pushed a commit that referenced this pull request Jul 14, 2023
@rsbeckerca @t8m
Modified OSSL_parse_url to initialize pport_num to 0.
175fa84 
This change is intended to provide some safety for uninitialized stack failures
that have appeared in 80-test_cmp_http on NonStop x86 when run in a complex
CI/CD Jenkins environment. This change also adds init_pint() to handle the
initialization of a pointer to int value.

Fixes: #21083

Signed-off-by: Randall S. Becker <randall.becker@nexbridge.ca>

Reviewed-by: Paul Dale <pauli@openssl.org>
Reviewed-by: Richard Levitte <levitte@openssl.org>
Reviewed-by: Tomas Mraz <tomas@openssl.org>
(Merged from #21109)

(cherry picked from commit 45cd255)
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@DDvO DDvO DDvO left review comments

@levitte levitte levitte approved these changes

@t8m t8m t8m approved these changes

@paulidale paulidale paulidale approved these changes

Assignees
No one assigned
Labels
approval: ready to merge The 24 hour grace period has passed, ready to merge branch: master Merge to master branch branch: 3.0 Merge to openssl-3.0 branch branch: 3.1 Merge to openssl-3.1 tests: exempted The PR is exempt from requirements for testing triaged: bug The issue/pr is/fixes a bug
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

None yet
7 participants
@rsbeckerca @openssl-machine @tmshort @t8m @levitte @DDvO @paulidale