This is the mail archive of the glibc-bugs@sourceware.org mailing list for the glibc project.



[Bug network/14687] New: valgrind warning of uninitialised byte(s) in res_send.c


http://sourceware.org/bugzilla/show_bug.cgi?id=14687

             Bug #: 14687
           Summary: valgrind warning of uninitialised byte(s) in
                    res_send.c
           Product: glibc
           Version: 2.16
            Status: NEW
          Severity: normal
          Priority: P2
         Component: network
        AssignedTo: unassigned@sourceware.org
        ReportedBy: timothy.c.pepper@linux.intel.com
    Classification: Unclassified


Created attachment 6674
  --> http://sourceware.org/bugzilla/attachment.cgi?id=6674
Simple patch resolving the valgrind warning

glibc 2.16.0's commit c030f70c introduces some variables on the stack
which don't get fully initialized, leading to valgrind complaints in
the __libc_res_nsend() -> send_dg() -> sendmmsg() call chain, e.g.:

Syscall param sendmsg(mmsg[0].msg_hdr) points to uninitialised byte(s)
    at 0x5AEAC6B: sendmmsg (sendmmsg.c:36)
    by 0x97B4643: __libc_res_nsend (res_send.c:1133)
    by 0x97B1C66: __libc_res_nquery (res_query.c:225)
    by 0x97B28D9: __libc_res_nsearch (res_query.c:582)
    by 0x95A5AC7: _nss_dns_gethostbyname4_r (dns-host.c:313)
    by 0x5AD076A: gaih_inet (getaddrinfo.c:842)
    by 0x5AD4653: getaddrinfo (getaddrinfo.c:2421)
    by 0x55BF384: Curl_getaddrinfo_ex (in /usr/lib64/libcurl.so.4.2.0)
    by 0x55C61C9: getaddrinfo_thread (in /usr/lib64/libcurl.so.4.2.0)
    by 0x55C4BF5: curl_thread_create_thunk (in /usr/lib64/libcurl.so.4.2.0)
    by 0x57E1EBE: start_thread (pthread_create.c:308)
    by 0x5AE932C: clone (clone.S:114)
 Address 0x9393ff0 is on thread 5's stack
 Uninitialised value was created by a stack allocation
    at 0x97B39E0: __libc_res_nsend (res_send.c:347)

It looks like the iov[], reqs.msg_len and reqs.msg_hdr.msg_flags could be
uninitialized there.  A simple memset to zero resolves the warning and
seems sensible enough, but there may be more sensible values to which 
these members could be explicitly set by somebody who knows the code.

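The failure mode described in the report, shown as an added illustration that is not part of the original message, the attached patch, or glibc's source. The `req_slot` struct (a local stand-in with the same members as Linux's `struct mmsghdr`), the `prepare` function, the poison value and the query payloads are all constructed for this example; the poison fill simulates stale stack contents so the result is deterministic.

```c
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>

#define POISON 0xAA /* constructed stand-in for stale stack bytes */
enum { STALE_IOV = 1, STALE_MSG_LEN = 2, STALE_MSG_FLAGS = 4 };
/* Local stand-in with the same members as Linux's struct mmsghdr. */
struct req_slot { struct msghdr msg_hdr; unsigned int msg_len; };

static int all_poison(const void *p, size_t n) {
    for (const unsigned char *b = p; n--; b++)
        if (*b != POISON) return 0;
    return 1;
}

/* Hypothetical setup that assigns only the fields the sender cares about. */
static void prepare(struct req_slot *reqs, struct iovec *iov,
                    char *q1, size_t n1, char *q2, size_t n2) {
    iov[0].iov_base = q1; iov[0].iov_len = n1;
    reqs[0].msg_hdr.msg_iov = &iov[0];
    reqs[0].msg_hdr.msg_iovlen = 1;
    if (q2 == NULL) return;            /* single query: slot 1 never touched */
    iov[1].iov_base = q2; iov[1].iov_len = n2;
    reqs[1].msg_hdr.msg_iov = &iov[1];
    reqs[1].msg_hdr.msg_iovlen = 1;
}

/* Bitmask of the fields named in the report that still hold poison. */
static int stale_after_setup(int zero_first, int two_queries) {
    static char q1[] = "query-1", q2[] = "query-2"; /* constructed payloads */
    struct iovec iov[2];
    struct req_slot reqs[2];
    /* POISON simulates a dirty stack frame; 0 is the memset-to-zero approach. */
    int stale = 0, fill = zero_first ? 0 : POISON;
    memset(iov, fill, sizeof iov);
    memset(reqs, fill, sizeof reqs);
    prepare(reqs, iov, q1, sizeof q1, two_queries ? q2 : NULL, sizeof q2);
    for (int i = 0; i < 2; i++) {
        if (all_poison(&iov[i], sizeof iov[i])) stale |= STALE_IOV;
        if (all_poison(&reqs[i].msg_len, sizeof reqs[i].msg_len)) stale |= STALE_MSG_LEN;
        if (all_poison(&reqs[i].msg_hdr.msg_flags, sizeof(int))) stale |= STALE_MSG_FLAGS;
    }
    return stale;
}
int main(void) {
    for (int z = 0; z < 2; z++)
        for (int two = 0; two < 2; two++)
            printf("zeroed=%d queries=%d stale_mask=%d\n", z, two + 1, stale_after_setup(z, two));
    return 0;
}
```

Even when both slots are populated, `msg_len` and `msg_flags` keep their previous bytes unless the structures are cleared first, which is why a whole-structure memset silences the warning where field-by-field assignment does not.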