fix ssl_options and misaligned adressinfo #52

Merged 1 commit on Sep 21, 2021

@dinoex dinoex commented Sep 18, 2021

Fixes #24

ssl_options is configured on the stack.
In the callback the location is overwritten.

Output:

% Trying to connect to ap: XXXX:XXXX::42 8889.
% SSL: cert verify depth exceeded: allowed=0 actual=2
% SSL: cert verify error: err=22 'certificate chain too long' depth:2 cn:/C=US/O=Internet
    Security Research Group/CN=ISRG Root X1
% Intermediate connection to ap failed: SSL/lib: error:1416F086:SSL
    routines:tls_process_server_certificate:certificate verify failed

Diagnostics:

ERROR: AddressSanitizer: stack-use-after-scope on address 0x7fffffffe364 at pc 0x00000041b231 bp 0x7fffffffdb70 sp 0x7fffffffdb68
READ of size 4 at 0x7fffffffe364 thread T0
[Detaching after fork from child process 31672]
    #0 0x41b230  (/usr/local/tmp/usr/ports/current/tinyfugue-devel/work/tinyfugue-5.1.1/src/tf+0x41b230)
    #1 0x8008fd5ce  (/usr/local/lib/libcrypto.so.11+0x2a95ce)
    #2 0x8008fbe9b  (/usr/local/lib/libcrypto.so.11+0x2a7e9b)
    #3 0x8008fac4c in X509_verify_cert (/usr/local/lib/libcrypto.so.11+0x2a6c4c)
    #4 0x80060865e  (/usr/local/lib/libssl.so.11+0x4b65e)
    #5 0x80062b5b8  (/usr/local/lib/libssl.so.11+0x6e5b8)
    #6 0x800627136  (/usr/local/lib/libssl.so.11+0x6a136)
    #7 0x3f6a0c  (/usr/local/tmp/usr/ports/current/tinyfugue-devel/work/tinyfugue-5.1.1/src/tf+0x3f6a0c)
    #8 0x3fb118  (/usr/local/tmp/usr/ports/current/tinyfugue-devel/work/tinyfugue-5.1.1/src/tf+0x3fb118)
    #9 0x40def5  (/usr/local/tmp/usr/ports/current/tinyfugue-devel/work/tinyfugue-5.1.1/src/tf+0x40def5)
    #10 0x39f05c  (/usr/local/tmp/usr/ports/current/tinyfugue-devel/work/tinyfugue-5.1.1/src/tf+0x39f05c)
    #11 0x27344f  (/usr/local/tmp/usr/ports/current/tinyfugue-devel/work/tinyfugue-5.1.1/src/tf+0x27344f)

Address 0x7fffffffe364 is located in stack of thread T0 at offset 164 in frame
    #0 0x4093af  (/usr/local/tmp/usr/ports/current/tinyfugue-devel/work/tinyfugue-5.1.1/src/tf+0x4093af)

  This frame has 7 object(s):
    [32, 40) 'fds.i.i'
    [64, 112) 'hints.i'
    [144, 148) 'uerr'
    [160, 172) 'ssl_options' <== Memory access at offset 164 is inside this variable
    [192, 240) 'hints'
    [272, 400) 'readable'
    [432, 448) 'tv'

On 64-bit architectures the alignment of data after an IPv6 address is broken.

Diagnostics:

socket.c:1629:10: runtime error: member access within misaligned address 0x60d00000724c for type 'struct addrinfo', which requires 8 byte alignment
0x60d00000724c: note: pointer points here
  00 00 00 00 00 00 00 00  02 00 00 00 01 00 00 00  06 00 00 00 10 00 00 00  00 00 00 00 00 00 00 00
              ^
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior socket.c:1629:10 in
socket.c:1629:10: runtime error: store to misaligned address 0x60d00000726c for type 'struct sockaddr *', which requires 8 byte alignment
0x60d00000726c: note: pointer points here
  00 00 00 00 90 24 08 00  60 60 00 00 00 00 00 00  00 00 00 00 10 02 22 b9  b9 dc 94 2a 00 00 00 00
              ^
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior socket.c:1629:10 in
socket.c:1630:14: runtime error: member access within misaligned address 0x60d00000724c for type 'struct addrinfo', which requires 8 byte alignment
0x60d00000724c: note: pointer points here
  00 00 00 00 00 00 00 00  02 00 00 00 01 00 00 00  06 00 00 00 10 00 00 00  00 00 00 00 00 00 00 00
              ^
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior socket.c:1630:14 in
socket.c:1630:14: runtime error: load of misaligned address 0x60d000007274 for type 'struct addrinfo *', which requires 8 byte alignment
0x60d000007274: note: pointer points here
  d0 60 00 00 00 00 00 00  00 00 00 00 10 02 22 b9  b9 dc 94 2a 00 00 00 00  00 00 00 00 00 00 00 00
              ^
SUMMARY: UndefinedBehaviorSanitizer: undefined-behavior socket.c:1630:14 in
socket.c:1628:39: runtime error: member access within misaligned address 0x60d00000724c for type 'struct addrinfo', which requires 8 byte alignment

fix padding on 64bit
@dinoex dinoex changed the title fix ssl_options fix ssl_options and misaligned adressinfo Sep 19, 2021
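
The misalignment in the second diagnostic comes down to layout arithmetic. The following is an added example, not code from this pull request or from tinyfugue: it assumes a hypothetical resolver that packs `[struct addrinfo][socket address]` records into one allocation, and `record_offset`, `build_chain` and `AI_ALIGN` are illustrative names.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200112L   /* expose struct addrinfo under strict -std= */
#endif
#include <stdio.h>
#include <stdlib.h>
#include <netdb.h>
#include <netinet/in.h>

#define AI_ALIGN _Alignof(struct addrinfo)   /* 8 on LP64 targets */

/* Offset of record `index` when [struct addrinfo][address bytes] records are
 * packed back to back (hypothetical layout). pad == 0 is the naive layout;
 * pad != 0 rounds each record up to the alignment struct addrinfo requires. */
static size_t record_offset(const socklen_t *lens, size_t index, int pad)
{
    size_t off = 0;
    for (size_t i = 0; i < index; i++) {
        off += sizeof(struct addrinfo) + lens[i];
        if (pad) off = (off + AI_ALIGN - 1) & ~(AI_ALIGN - 1);
    }
    return off;
}

/* Build a padded chain in one calloc'd block; free() the head when done. */
static struct addrinfo *build_chain(const int *fam, const socklen_t *lens, size_t n)
{
    char *buf = n ? calloc(1, record_offset(lens, n, 1)) : NULL;
    if (!buf) return NULL;
    for (size_t i = 0; i < n; i++) {
        struct addrinfo *ai = (struct addrinfo *)(buf + record_offset(lens, i, 1));
        ai->ai_family = fam[i];
        ai->ai_addrlen = lens[i];
        ai->ai_addr = (struct sockaddr *)(ai + 1);   /* address follows the header */
        ai->ai_next = i + 1 < n
            ? (struct addrinfo *)(buf + record_offset(lens, i + 1, 1)) : NULL;
    }
    return (struct addrinfo *)buf;
}

int main(void)
{
    /* Constructed sample: an IPv6 record followed by an IPv4 record. */
    const int fam[] = { AF_INET6, AF_INET };
    const socklen_t lens[] = { sizeof(struct sockaddr_in6), sizeof(struct sockaddr_in) };
    printf("2nd record offset: naive %zu, padded %zu\n",
           record_offset(lens, 1, 0), record_offset(lens, 1, 1));
    free(build_chain(fam, lens, 2));
    return 0;
}
```

On 64-bit Linux, where `struct addrinfo` is 48 bytes and `struct sockaddr_in6` is 28 bytes, the naive offset of the second record is 76, which is not a multiple of 8; the padded offset is 80.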

@ingwarsw ingwarsw left a comment

@dinoex Thanks for PR..
Seems ok.

@ingwarsw ingwarsw merged commit 5a83c03 into ingwarsw:main Sep 21, 2021
Successfully merging this pull request may close these issues.

ssl_continue not working