ASAN (Windows): heap-use-after-free in get_interface_index
Opened this issue · 0 comments
Danielius1922 commented
Replication steps:
- build on MSYS2 with clang and address sanitizer enabled
- run unit tests
==6404==ERROR: AddressSanitizer: heap-use-after-free on address 0x11aec85a1448 at pc 0x7ff67f28378b bp 0x007a0f59c4e0 sp 0x007a0f59c528
1: READ of size 4 at 0x11aec85a1448 thread T0
1: #0 0x7ff67f28378a in get_interface_index D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:152:23
1: #1 0x7ff67f280c75 in add_new_session_locked D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:216:19
1: #2 0x7ff67f26074b in initiate_new_session_locked D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:365:7
1: #3 0x7ff67f25cff3 in oc_tcp_send_buffer D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:393:22
1: #4 0x7ff67edd102f in oc_send_buffer D:/a/iotivity-lite/iotivity-lite/port/windows/ipadapter.c:1140:12
1: #5 0x7ff67eba6dbf in handle_outbound_network_event D:/a/iotivity-lite/iotivity-lite/api/oc_message_buffer.c:151:7
1: #6 0x7ff67eba2186 in process_thread_oc_message_buffer_handler D:/a/iotivity-lite/iotivity-lite/api/oc_message_buffer.c:182:7
1: #7 0x7ff67eafd8ac in call_process D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:224:16
1: #8 0x7ff67eafc0a4 in do_event D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:341:5
1: #9 0x7ff67eafb82e in oc_process_run D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:354:3
1: #10 0x7ff67eb9cd2f in oc_main_poll_v1 D:/a/iotivity-lite/iotivity-lite/api/oc_main.c:389:10
1: #11 0x7ff67e3cf8f3 in oc::Device::PoolEventsMs(unsigned long long, bool) D:/a/iotivity-lite/iotivity-lite/tests/gtest/Device.cpp:221:34
1: #12 0x7ff67e3d6493 in oc::TestDevice::PoolEventsMsV1(std::__1::chrono::duration<long long, std::__1::ratio<1ll, 1000ll>>, bool) D:/a/iotivity-lite/iotivity-lite/tests/gtest/Device.h:161:12
1: #13 0x7ff67eaa05d1 in TestResourceWithDevice_BaselineInterfaceProperties_Test::TestBody() D:/a/iotivity-lite/iotivity-lite/api/unittest/resourcetest.cpp:648:3
1: #14 0x7ff67f13ba49 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2078:10
1: #15 0x7ff67f0f71bc in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2114:14
1: #16 0x7ff67f099a7b in testing::Test::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2150:5
1: #17 0x7ff67f09ccc5 in testing::TestInfo::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2326:11
1: #18 0x7ff67f09f0ff in testing::TestCase::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2444:28
1: #19 0x7ff67f0bf50a in testing::internal::UnitTestImpl::RunAllTests() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:4315:43
1: #20 0x7ff67f159a99 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2078:10
1: #21 0x7ff67f10149c in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2114:14
1: #22 0x7ff67f0bd451 in testing::UnitTest::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:3926:10
1: #23 0x7ff67efb3f22 in RUN_ALL_TESTS() D:/a/iotivity-lite/iotivity-lite/deps/gtest/include/gtest/gtest.h:2288:46
1: #24 0x7ff67efb3db2 in main D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest_main.cc:37:10
1: #25 0x7ff67e361314 in __tmainCRTStartup C:/M/B/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:[267](https://github.com/iotivity/iotivity-lite/actions/runs/7050231085/job/19190453935#step:5:268):15
1: #26 0x7ff67e361365 in .l_start C:/M/B/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:188:9
1: #27 0x7ff8a11d4ddf (C:\Windows\System32\KERNEL32.DLL+0x180014ddf)
1: #28 0x7ff8a315ed9a (C:\Windows\SYSTEM32\ntdll.dll+0x18007ed9a)
1:
1: 0x11aec85a1448 is located 136 bytes inside of 144-byte region [0x11aec85a13c0,0x11aec85a1450)
1: freed by thread T0 here:
1: #0 0x7ff86f4d3ef1 in free (D:\a\_temp\msys64\clang64\bin\libclang_rt.asan_dynamic-x86_64.dll+0x180043ef1)
1: #1 0x7ff67f29fd3f in free_network_addresses D:/a/iotivity-lite/iotivity-lite/port/windows/network_addresses.c:184:5
1: #2 0x7ff67f2836c1 in get_interface_index D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:151:9
1: #3 0x7ff67f[280](https://github.com/iotivity/iotivity-lite/actions/runs/7050231085/job/19190453935#step:5:281)c75 in add_new_session_locked D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:216:19
1: #4 0x7ff67f26074b in initiate_new_session_locked D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:365:7
1: #5 0x7ff67f25cff3 in oc_tcp_send_buffer D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:393:22
1: #6 0x7ff67edd102f in oc_send_buffer D:/a/iotivity-lite/iotivity-lite/port/windows/ipadapter.c:1140:12
1: #7 0x7ff67eba6dbf in handle_outbound_network_event D:/a/iotivity-lite/iotivity-lite/api/oc_message_buffer.c:151:7
1: #8 0x7ff67eba2186 in process_thread_oc_message_buffer_handler D:/a/iotivity-lite/iotivity-lite/api/oc_message_buffer.c:182:7
1: #9 0x7ff67eafd8ac in call_process D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:224:16
1: #10 0x7ff67eafc0a4 in do_event D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:341:5
1: #11 0x7ff67eafb82e in oc_process_run D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:354:3
1: #12 0x7ff67eb9cd2f in oc_main_poll_v1 D:/a/iotivity-lite/iotivity-lite/api/oc_main.c:389:10
1: #13 0x7ff67e3cf8f3 in oc::Device::PoolEventsMs(unsigned long long, bool) D:/a/iotivity-lite/iotivity-lite/tests/gtest/Device.cpp:221:34
1: #14 0x7ff67e3d6493 in oc::TestDevice::PoolEventsMsV1(std::__1::chrono::duration<long long, std::__1::ratio<1ll, 1000ll>>, bool) D:/a/iotivity-lite/iotivity-lite/tests/gtest/Device.h:161:12
1: #15 0x7ff67eaa05d1 in TestResourceWithDevice_BaselineInterfaceProperties_Test::TestBody() D:/a/iotivity-lite/iotivity-lite/api/unittest/resourcetest.cpp:648:3
1: #16 0x7ff67f13ba49 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2078:10
1: #17 0x7ff67f0f71bc in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2114:14
1: #18 0x7ff67f099a7b in testing::Test::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2150:5
1: #19 0x7ff67f09ccc5 in testing::TestInfo::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2326:11
1: #20 0x7ff67f09f0ff in testing::TestCase::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2444:28
1: #21 0x7ff67f0bf50a in testing::internal::UnitTestImpl::RunAllTests() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:4315:43
1: #22 0x7ff67f159a99 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2078:10
1: #23 0x7ff67f10149c in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2114:14
1: #24 0x7ff67f0bd451 in testing::UnitTest::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:3926:10
1: #25 0x7ff67efb3f22 in RUN_ALL_TESTS() D:/a/iotivity-lite/iotivity-lite/deps/gtest/include/gtest/gtest.h:2288:46
1: #26 0x7ff67efb3db2 in main D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest_main.cc:37:10
1: #27 0x7ff67e361314 in __tmainCRTStartup C:/M/B/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:267:15
1:
1: previously allocated by thread T0 here:
1: #0 0x7ff86f4d4126 in calloc (D:\a\_temp\msys64\clang64\bin\libclang_rt.asan_dynamic-x86_64.dll+0x180044126)
1: #1 0x7ff67f29ce6a in get_network_addresses D:/a/iotivity-lite/iotivity-lite/port/windows/network_addresses.c:96:18
1: #2 0x7ff67f[282](https://github.com/iotivity/iotivity-lite/actions/runs/7050231085/job/19190453935#step:5:283)d9f in get_interface_index D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:133:27
1: #3 0x7ff67f280c75 in add_new_session_locked D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:216:19
1: #4 0x7ff67f26074b in initiate_new_session_locked D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:365:7
1: #5 0x7ff67f25cff3 in oc_tcp_send_buffer D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:393:22
1: #6 0x7ff67edd102f in oc_send_buffer D:/a/iotivity-lite/iotivity-lite/port/windows/ipadapter.c:1140:12
1: #7 0x7ff67eba6dbf in handle_outbound_network_event D:/a/iotivity-lite/iotivity-lite/api/oc_message_buffer.c:151:7
1: #8 0x7ff67eba2186 in process_thread_oc_message_buffer_handler D:/a/iotivity-lite/iotivity-lite/api/oc_message_buffer.c:182:7
1: #9 0x7ff67eafd8ac in call_process D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:224:16
1: #10 0x7ff67eafc0a4 in do_event D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:341:5
1: #11 0x7ff67eafb82e in oc_process_run D:/a/iotivity-lite/iotivity-lite/util/oc_process.c:354:3
1: #12 0x7ff67eb9cd2f in oc_main_poll_v1 D:/a/iotivity-lite/iotivity-lite/api/oc_main.c:389:10
1: #13 0x7ff67e3cf8f3 in oc::Device::PoolEventsMs(unsigned long long, bool) D:/a/iotivity-lite/iotivity-lite/tests/gtest/Device.cpp:221:34
1: #14 0x7ff67e3d6493 in oc::TestDevice::PoolEventsMsV1(std::__1::chrono::duration<long long, std::__1::ratio<1ll, 1000ll>>, bool) D:/a/iotivity-lite/iotivity-lite/tests/gtest/Device.h:161:12
1: #15 0x7ff67eaa05d1 in TestResourceWithDevice_BaselineInterfaceProperties_Test::TestBody() D:/a/iotivity-lite/iotivity-lite/api/unittest/resourcetest.cpp:648:3
1: #16 0x7ff67f13ba49 in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2078:10
1: #17 0x7ff67f0f71bc in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2114:14
1: #18 0x7ff67f099a7b in testing::Test::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2150:5
1: #19 0x7ff67f09ccc5 in testing::TestInfo::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2326:11
1: #20 0x7ff67f09f0ff in testing::TestCase::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2444:28
1: #21 0x7ff67f0bf50a in testing::internal::UnitTestImpl::RunAllTests() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:4315:43
1: #22 0x7ff67f159a99 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2078:10
1: #23 0x7ff67f10149c in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:2114:14
1: #24 0x7ff67f0bd451 in testing::UnitTest::Run() D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest.cc:3926:10
1: #25 0x7ff67efb3f22 in RUN_ALL_TESTS() D:/a/iotivity-lite/iotivity-lite/deps/gtest/include/gtest/gtest.h:2[288](https://github.com/iotivity/iotivity-lite/actions/runs/7050231085/job/19190453935#step:5:289):46
1: #26 0x7ff67efb3db2 in main D:/a/iotivity-lite/iotivity-lite/deps/gtest/src/gtest_main.cc:37:10
1: #27 0x7ff67e361[314](https://github.com/iotivity/iotivity-lite/actions/runs/7050231085/job/19190453935#step:5:315) in __tmainCRTStartup C:/M/B/src/mingw-w64/mingw-w64-crt/crt/crtexe.c:267:15
1:
1: SUMMARY: AddressSanitizer: heap-use-after-free D:/a/iotivity-lite/iotivity-lite/port/windows/tcpadapter.c:152:23 in get_interface_index