mirror of https://github.com/open-simh/simh.git synced 2026-02-15 20:36:51 +00:00
open-simh.simh/sim_sock.c
B. Scott Michel f4c39a325c SCP: Add'l memory sanitization fixes
Initialize de-dup'ed debug line buffer:

  realloc(NULL, size) == malloc(size), which is uninitialized space.
  This causes the Clang memory sanitizer to detect an attempt to read
  uninitialized memory when debug_line_buf and debug_line_buf_last are
  different lengths. While the uninitialized space may never actually be
  compared, the memory sanitizer emits a strong hint to not do stupid.

  The sanitizer trips in the i650 simulator on the first memcmp(),
  debug_line_buf has 108 characters, debug_line_buf_last has 56
  characters (uninitialized space follows the 56 characters, tripping
  the sanitizer.)

  - memset() debug_line_buf and debug_line_buf_last to zero so that
    memcmp() will always gracefully return non-zero if somehow memcmp()
    ends up going past the end of either buffer.  Should never happen in
    practice, but theory always gets mugged by reality.

  - Keep track of debug_line_buf_last's comparison length (i.e., up to
    the '\r') and only execute memcmp() when this length equals the
    current debug_line_buf comparison length (end - endprefix + 1).

  - Added a log deduplication test to "testlib" command to ensure that
    nothing broke as a result of this fix.

Network ACL check in sim_addr_acl_check:

  The memory sanitizer found an off-by-one bug in sim_addr_acl_check
  while executing "testlib". This makes CIDR network ACLs functional,
  e.g., "127.0.0.1/32" is interpreted properly and the associated
  "testlib" test passes.
2024-02-01 12:50:52 -05:00

49 KiB
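The length-tracked comparison described in the commit message, as an added C example that is not SIMH's own code: the `dedup_t` struct, `grow_zeroed` and `dedup_check` are hypothetical names. It zeroes any space newly obtained from `realloc()` and calls `memcmp()` only when the stored and current comparison lengths are equal.

```c
#include <stdlib.h>
#include <string.h>

/* Hypothetical de-dup state; names are illustrative, not SIMH's. */
typedef struct {
    char    *last;      /* bytes of the previously seen line */
    size_t   cap;       /* allocated size of last */
    size_t   last_len;  /* number of valid bytes stored in last */
    unsigned repeats;   /* consecutive duplicates suppressed so far */
} dedup_t;

/* Grow *buf to at least need bytes and zero the newly added tail.
 * realloc(NULL, n) behaves like malloc(n): the contents are indeterminate,
 * which is what a memory sanitizer reports when they are later read. */
static int grow_zeroed(char **buf, size_t *cap, size_t need)
{
    char *p;

    if (need <= *cap)
        return 0;
    p = realloc(*buf, need);
    if (p == NULL)
        return -1;
    memset(p + *cap, 0, need - *cap);
    *buf = p;
    *cap = need;
    return 0;
}

/* Returns 1 if line repeats the previous one, 0 if it is new, -1 on OOM. */
int dedup_check(dedup_t *d, const char *line, size_t len)
{
    /* Compare only when the lengths match, so memcmp() never reads
     * beyond the valid bytes of either buffer. */
    if (d->last != NULL && len == d->last_len &&
        memcmp(d->last, line, len) == 0) {
        d->repeats++;
        return 1;
    }
    if (grow_zeroed(&d->last, &d->cap, len + 1) != 0)
        return -1;
    memcpy(d->last, line, len);
    d->last[len] = '\0';
    d->last_len = len;
    d->repeats = 0;
    return 0;
}
```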