[tickets] [opensaf:tickets] #2656 imm: valgrind reports invalid read in imm agent

Surbhi Tripathi via Opensaf-tickets Thu, 18 Mar 2021 21:28:11 -0700

      attr[i]->attrName = (char *)malloc(q->attrName.size+1); /*alloc-3 */
      strncpy(attr[i]->attrName, (const char *)q->attrName.buf,
              q->attrName.size+1);
      attr[i]->attrName[q->attrName.size] = 0; /*redundant. */



The attrName.size includes the null character in the attrName.buf.
attrName.size = strlen(attrName.buf) + 1;

So  only 'size' memory should be allocated and copied and not (size+1) 
      attr[i]->attrName = (char *)malloc(q->attrName.size); /*alloc-3 */
      strncpy(attr[i]->attrName, (const char *)q->attrName.buf,
              q->attrName.size);
      attr[i]->attrName[q->attrName.size-1] = 0; /*redundant. */

strncpy  will copy  minimum of  attrName.size and attrName.buf, In normal 
scenarios this should be attrName.buf. But in case buf is corrupt and extends 
beyond attrName.size. attrName.size  characters are copied, in this case 
setting the last character to '\0' is important.



---

** [tickets:#2656] imm: valgrind reports invalid read in imm agent**

**Status:** accepted
**Milestone:** 5.21.06
**Created:** Thu Oct 26, 2017 04:15 AM UTC by Vu Minh Nguyen
**Last Updated:** Tue Mar 16, 2021 03:54 AM UTC
**Owner:** Surbhi Tripathi


Here is valgrind report:

> ==740== Thread 4:
> ==740== Invalid read of size 1
> ==740==    at 0x4C2E7A0: __strncpy_sse2_unaligned (in 
> /usr/lib/valgrind/vgpreload_memcheck-amd64-linux.so)
> ==740==    by 0x5055CF2: strncpy (string3.h:120)
> ==740==    by 0x5055CF2: imma_proc_ccbaug_setup(imma_client_node*, 
> imma_callback_info*) (imma_proc.cc:2058)
> ==740==    by 0x505C507: imma_hdl_callbk_dispatch_one(imma_cb*, unsigned long 
> long) (imma_proc.cc:1745)
> ==740==    by 0x5050D33: saImmOiDispatch (imma_oi_api.cc:638)
> ==740==    by 0x120AD1: oi_thread (test_saImmOiSaStringT.c:287)
> ==740==    by 0x5725183: start_thread (pthread_create.c:312)
> ==740==    by 0x5A3537C: clone (clone.S:111


---

Sent from sourceforge.net because [email protected] is 
subscribed to https://sourceforge.net/p/opensaf/tickets/

To unsubscribe from further messages, a project admin can change settings at 
https://sourceforge.net/p/opensaf/admin/tickets/options.  Or, if this is a 
mailing list, you can unsubscribe from the mailing list.

_______________________________________________
Opensaf-tickets mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/opensaf-tickets

[tickets] [opensaf:tickets] #2656 imm: valgrind reports invalid read in imm agent

Reply via email to