0001751: [memcheck] Invalid read detected in CalculateDigest (Kademlia.cpp:510)

View Issue Details [ Jump to Notes ]

[ Issue History ] [ Print ]

Project

Category

View Status

Date Submitted

Last Update

0001751

aMule

Misc

public

2015-07-12 13:48

2015-10-20 16:15

Reporter

sirkay2006

Assigned To

Priority

high

Severity

minor

Reproducibility

always

Status

closed

Resolution

not fixable

Platform

linux amd_64 bit

linux debian

OS Version

Product Version

SVN

Target Version

2.3.2

Fixed in Version

Summary

0001751: [memcheck] Invalid read detected in CalculateDigest (Kademlia.cpp:510)

Description

When running aMule on valgrind, the following IVR is detected.

==623==6205== Invalid read of size 4
==6205== at 0x4FEECD: KadGetKeywordHash(wxString const&, Kademlia::CUInt128*) (Kademlia.cpp:510)
==6205== by 0x4E8E54: CPublishKeyword::CPublishKeyword(wxString const&) (SharedFileList.cpp:70)
==6205== by 0x4E5317: CPublishKeywordList::AddKeyword(wxString const&, CKnownFile*) (SharedFileList.cpp:209)
==6205== by 0x4E5395: CPublishKeywordList::AddKeywords(CKnownFile*) (SharedFileList.cpp:222)
==6205== by 0x4E543D: CSharedFileList::AddFile(CKnownFile*) (SharedFileList.cpp:497)
==6205== by 0x4E625A: CSharedFileList::FindSharedFiles() (SharedFileList.cpp:334)
==6205== by 0x4E670B: CSharedFileList::Reload() (SharedFileList.cpp:550)
==6205== by 0x44662C: CamuleApp::OnInit() (amule.cpp:568)
==6205== by 0x520416: CamuleGuiApp::OnInit() (amule-gui.cpp:287)
==6205== by 0x64FA9FB: wxEntry(int&, wchar_t**) (in /home/ttt/_bin/bin/wxWidgets-2.8.12/lib/libwx_baseu-2.8.so.0.8.0)
==6205== by 0x42F741: main (amule-gui.cpp:93)
==6205== Address 0xebeb168 is 8 bytes inside a block of size 10 alloc'd
==6205== at 0x4C27B8F: malloc (vg_replace_malloc.c:296)
==6205== by 0x706A9D9: strdup (strdup.c:42)
==6205== by 0x4FEEA3: KadGetKeywordHash(wxString const&, Kademlia::CUInt128*) (Kademlia.cpp:507)
==6205== by 0x4E8E54: CPublishKeyword::CPublishKeyword(wxString const&) (SharedFileList.cpp:70)
==6205== by 0x4E5317: CPublishKeywordList::AddKeyword(wxString const&, CKnownFile*) (SharedFileList.cpp:209)
==6205== by 0x4E5395: CPublishKeywordList::AddKeywords(CKnownFile*) (SharedFileList.cpp:222)
==6205== by 0x4E543D: CSharedFileList::AddFile(CKnownFile*) (SharedFileList.cpp:497)
==6205== by 0x4E625A: CSharedFileList::FindSharedFiles() (SharedFileList.cpp:334)
==6205== by 0x4E670B: CSharedFileList::Reload() (SharedFileList.cpp:550)
==6205== by 0x44662C: CamuleApp::OnInit() (amule.cpp:568)
==6205== by 0x520416: CamuleGuiApp::OnInit() (amule-gui.cpp:287)
==6205== by 0x64FA9FB: wxEntry(int&, wchar_t**) (in /home/ttt/_bin/bin/wxWidgets-2.8.12/lib/libwx_baseu-2.8.so.0.8.0)
==6205== by 0x42F741: main (amule-gui.cpp:93)

It concerns:
506 // This should be safe - we assume rstrKeyword is ANSI anyway.
507 char* ansi_buffer = strdup(unicode2UTF8(rstrKeyword));
508
509 //printf("Kad keyword hash: UTF8 %s\n",ansi_buffer);
510 md4_hasher.CalculateDigest(Output,(const unsigned char*)ansi_buffer,strlen(ansi_buffer));

Cast in line 510 from char* to const unsigned char* (and the implicitly to byte*) seems fine.

I am wonderning if the strlen done in strdup and in line 510 are not safe for some strings in input.

Do you have an idea?

Issue History
Date Modified	Username	Field	Change
2015-07-12 13:48	sirkay2006	New Issue
2015-10-17 23:17	GonoszTopi	Target Version	=> 2.3.2
2015-10-20 16:15	GonoszTopi	Note Added: 0003666
2015-10-20 16:15	GonoszTopi	Status	new => closed
2015-10-20 16:15	GonoszTopi	Resolution	open => not fixable

Notes
(0003666) GonoszTopi (administrator) 2015-10-20 16:15	This is caused by a gcc optimization, the optimized and inlined strlen() function. We cannot do anything against it (except building without optimization), and it's harmless.

Relationships