From patchwork Fri Feb 6 02:07:14 2015
X-Patchwork-Submitter: Masashi Honma
X-Patchwork-Id: 436983
From: Masashi Honma
To: hostap@lists.shmoo.com
Subject: [PATCH] l2_packet: Fix valgrind uninitialised byte(s) error messages
Date: Fri, 6 Feb 2015 11:07:14 +0900
Message-Id: <1423188434-5830-1-git-send-email-masashi.honma@gmail.com>

valgrind-3.10.0 outputs the following messages on Ubuntu 14.10 64bit.

==2942== Syscall param socketcall.bind(my_addr.sa_data) points to uninitialised byte(s)
==2942==    at 0x5ED3577: bind (syscall-template.S:81)
==2942==    by 0x4AB2FE: l2_packet_init (l2_packet_linux.c:211)
==2942==    by 0x485147: wpa_supplicant_update_mac_addr (wpa_supplicant.c:3017)
==2942==    by 0x48888F: wpa_supplicant_driver_init (wpa_supplicant.c:3078)
==2942==    by 0x489A05: wpa_supplicant_init_iface (wpa_supplicant.c:4028)
==2942==    by 0x489A05: wpa_supplicant_add_iface (wpa_supplicant.c:4226)
==2942==    by 0x41DAB9: main (main.c:325)
==2942==  Address 0xfff000274 is on thread 1's stack
==2942==  in frame #1, created by l2_packet_init (l2_packet_linux.c:174)
==2942==
==5631== Syscall param socketcall.sendto(to.sa_data) points to uninitialised byte(s)
==5631==    at 0x5ED3953: __sendto_nocancel (syscall-template.S:81)
==5631==    by 0x4AB061: l2_packet_send (l2_packet_linux.c:106)
==5631==    by 0x434BBE: wpa_sm_ether_send (wpa_i.h:181)
==5631==    by 0x434BBE: wpa_eapol_key_send (wpa.c:72)
==5631==    by 0x435145: wpa_supplicant_send_2_of_4 (wpa.c:401)
==5631==    by 0x419346: wpa_supplicant_process_1_of_4 (wpa.c:516)
==5631==    by 0x43668C: wpa_sm_rx_eapol (wpa.c:1958)
==5631==    by 0x48E6A4: wpa_supplicant_event_assoc (events.c:2046)
==5631==    by 0x48E6A4: wpa_supplicant_event (events.c:3039)
==5631==    by 0x4A4B59: mlme_event_assoc (driver_nl80211_event.c:260)
==5631==    by 0x4A6AF5: do_process_drv_event (driver_nl80211_event.c:1751)
==5631==    by 0x4A6AF5: process_global_event (driver_nl80211_event.c:1878)
==5631==    by 0x53834CE: nl_recvmsgs_report (in /lib/x86_64-linux-gnu/libnl-3.so.200.19.0)
==5631==    by 0x5383898: nl_recvmsgs (in /lib/x86_64-linux-gnu/libnl-3.so.200.19.0)
==5631==    by 0x494297: wpa_driver_nl80211_event_receive (driver_nl80211.c:1313)
==5631==  Address 0xffefff384 is on thread 1's stack
==5631==  in frame #1, created by l2_packet_send (l2_packet_linux.c:89)

This does not occur on Ubuntu 14.10 32bit. So this looks like a padding
problem. The size of struct sockaddr_ll is 20 bytes. This value is divisible
by 4 but not by 8. This patch replaces the struct with struct sockaddr_storage,
which is designed by RFC 2553 to cover all types of sockaddr and has enough
padding for 64bit.

Signed-off-by: Masashi Honma
---
 src/l2_packet/l2_packet_linux.c | 35 ++++++++++++++++++++---------------
 1 file changed, 20 insertions(+), 15 deletions(-)

diff --git a/src/l2_packet/l2_packet_linux.c b/src/l2_packet/l2_packet_linux.c index 68b2008..bef08e2 100644 --- a/src/l2_packet/l2_packet_linux.c +++ b/src/l2_packet/l2_packet_linux.c @@ -87,7 +87,10 @@ int l2_packet_get_own_addr(struct l2_packet_data *l2, u8 *addr) int l2_packet_send(struct l2_packet_data *l2, const u8 *dst_addr, u16 proto, const u8 *buf, size_t len) { + struct sockaddr_storage storage; + struct sockaddr_ll *ll; int ret; + if (l2 == NULL) return -1; if (l2->l2_hdr) { 
@@ -96,15 +99,15 @@ int l2_packet_send(struct l2_packet_data *l2, const u8 *dst_addr, u16 proto, wpa_printf(MSG_ERROR, "l2_packet_send - send: %s", strerror(errno)); } else { - struct sockaddr_ll ll; - os_memset(&ll, 0, sizeof(ll)); - ll.sll_family = AF_PACKET; - ll.sll_ifindex = l2->ifindex; - ll.sll_protocol = htons(proto); - ll.sll_halen = ETH_ALEN; - os_memcpy(ll.sll_addr, dst_addr, ETH_ALEN); - ret = sendto(l2->fd, buf, len, 0, (struct sockaddr *) &ll, - sizeof(ll)); + os_memset(&storage, 0, sizeof(storage)); + ll = (struct sockaddr_ll *) &storage; + ll->sll_family = AF_PACKET; + ll->sll_ifindex = l2->ifindex; + ll->sll_protocol = htons(proto); + ll->sll_halen = ETH_ALEN; + os_memcpy(ll->sll_addr, dst_addr, ETH_ALEN); + ret = sendto(l2->fd, buf, len, 0, (struct sockaddr *) ll, + sizeof(*ll)); if (ret < 0) { wpa_printf(MSG_ERROR, "l2_packet_send - sendto: %s", strerror(errno)); @@ -174,7 +177,8 @@ struct l2_packet_data * l2_packet_init( { struct l2_packet_data *l2; struct ifreq ifr; - struct sockaddr_ll ll; + struct sockaddr_storage storage; + struct sockaddr_ll *ll; l2 = os_zalloc(sizeof(struct l2_packet_data)); if (l2 == NULL) @@ -204,11 +208,12 @@ struct l2_packet_data * l2_packet_init( } l2->ifindex = ifr.ifr_ifindex; - os_memset(&ll, 0, sizeof(ll)); - ll.sll_family = PF_PACKET; - ll.sll_ifindex = ifr.ifr_ifindex; - ll.sll_protocol = htons(protocol); - if (bind(l2->fd, (struct sockaddr *) &ll, sizeof(ll)) < 0) { + os_memset(&storage, 0, sizeof(storage)); + ll = (struct sockaddr_ll *) &storage; + ll->sll_family = PF_PACKET; + ll->sll_ifindex = ifr.ifr_ifindex; + ll->sll_protocol = htons(protocol); + if (bind(l2->fd, (struct sockaddr *) ll, sizeof(*ll)) < 0) { wpa_printf(MSG_ERROR, "%s: bind[PF_PACKET]: %s", __func__, strerror(errno)); close(l2->fd);
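Review bot: In the first l2_packet_send() hunk (@@ -87,7 +87,10 @@) storage and ll are declared at function scope although only the else branch uses them; the code being removed kept its struct sockaddr_ll inside that branch. Declaring both at the top of the else block would keep the scope as narrow as it was and leave the l2_hdr path untouched.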
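Review bot: In l2_packet_send() (hunk @@ -96,15 +99,15 @@) the length handed to sendto() is still sizeof(*ll), which is the same sizeof(struct sockaddr_ll) the old code passed after zeroing the whole struct with os_memset(&ll, 0, sizeof(ll)). Every byte covered by the address length was therefore already initialised before this change, and the patch only zeroes memory beyond that length. The commit message should state which bytes valgrind actually reads here; without that, the change may be silencing a tool artefact rather than fixing an uninitialised read, and a valgrind suppression could be the more accurate fix. The same applies to the bind() call in l2_packet_init().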
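Review bot: In l2_packet_init() (hunk @@ -204,11 +208,12 @@) nothing in the code says why a struct sockaddr_storage is aliased through ll instead of using struct sockaddr_ll directly, so a later cleanup could easily revert it. Add a short comment above os_memset(&storage, 0, sizeof(storage)) giving the reason, and since the assignment is being rewritten anyway, set sll_family to AF_PACKET as l2_packet_send() does rather than PF_PACKET.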