UBSan: TlsExtensionInjector::FilterHandshake(): load of misaligned address 0x6110001dfded for type 'uint16_t' which requires 2 byte alignment

RESOLVED FIXED in 3.28

Status

NSS
Libraries

People

(Reporter: ttaubert, Assigned: ttaubert)

(Assignee)

Description

a year ago
ssl_extension_unittest.cc:93:29: runtime error: load of misaligned address 0x6110001dfded for type 'uint16_t' (aka 'unsigned short'), which requires 2 byte alignment
0x6110001dfded: note: pointer points here
 13 02 01 00 00 a0 00  00 00 0b 00 09 00 00 06  73 65 72 76 65 72 ff 01  00 01 00 00 0a 00 12 00  10
             ^
    #0 0x8b43cd in nss_test::TlsExtensionInjector::FilterHandshake(nss_test::TlsHandshakeFilter::HandshakeHeader const&, nss_test::DataBuffer const&, nss_test::DataBuffer*) /home/worker/nss/external_tests/ssl_gtest/ssl_extension_unittest.cc:93:29
    #1 0xbd85bc in nss_test::TlsHandshakeFilter::FilterRecord(nss_test::TlsRecordFilter::RecordHeader const&, nss_test::DataBuffer const&, nss_test::DataBuffer*) /home/worker/nss/external_tests/ssl_gtest/tls_filter.cc:140:35
    #2 0xbd5d2c in nss_test::TlsRecordFilter::FilterRecord(nss_test::TlsRecordFilter::RecordHeader const&, nss_test::DataBuffer const&, unsigned long*, nss_test::DataBuffer*) /home/worker/nss/external_tests/ssl_gtest/tls_filter.cc:57:33
    #3 0xbd3f1b in nss_test::TlsRecordFilter::Filter(nss_test::DataBuffer const&, nss_test::DataBuffer*) /home/worker/nss/external_tests/ssl_gtest/tls_filter.cc:35:9
    #4 0xa75c7c in nss_test::DummyPrSocket::Write(void const*, int) /home/worker/nss/external_tests/ssl_gtest/test_io.cc:384:23
    #5 0xa8093b in nss_test::DummyWrite(PRFileDesc*, void const*, int) /home/worker/nss/external_tests/ssl_gtest/test_io.cc:69:14
    #6 0xa82685 in nss_test::DummySend(PRFileDesc*, void const*, int, int, unsigned int) /home/worker/nss/external_tests/ssl_gtest/test_io.cc:162:21
    #7 0xec9c33 in ssl_DefSend /home/worker/nss/lib/ssl/ssldef.c:103:18
    #8 0xdd0daa in ssl3_SendRecord /home/worker/nss/lib/ssl/ssl3con.c:2739:20
    #9 0xddb197 in ssl3_FlushHandshakeMessages /home/worker/nss/lib/ssl/ssl3con.c:2912:13
    #10 0xdda426 in ssl3_FlushHandshake /home/worker/nss/lib/ssl/ssl3con.c:2882:16
    #11 0xdf9df6 in ssl3_SendClientHello /home/worker/nss/lib/ssl/ssl3con.c:5408:14
    #12 0x104a34a in ssl_BeginClientHandshake /home/worker/nss/lib/ssl/sslcon.c:204:10
    #13 0xf1463a in ssl_Do1stHandshake /home/worker/nss/lib/ssl/sslsecur.c:65:14
    #14 0xf202dc in SSL_ForceHandshake /home/worker/nss/lib/ssl/sslsecur.c:413:14
    #15 0xb06a06 in nss_test::TlsAgent::Handshake() /home/worker/nss/external_tests/ssl_gtest/tls_agent.cc:671:18
    #16 0xb46723 in nss_test::TlsConnectTestBase::Handshake() /home/worker/nss/external_tests/ssl_gtest/tls_connect.cc:239:12
    #17 0xb5cc2d in nss_test::TlsConnectTestBase::ConnectExpectFail() /home/worker/nss/external_tests/ssl_gtest/tls_connect.cc:327:3
    #18 0x872eaa in nss_test::TlsExtensionTestBase::ClientHelloErrorTest(nss_test::PacketFilter*, unsigned char) /home/worker/nss/external_tests/ssl_gtest/ssl_extension_unittest.cc:125:5
    #19 0x87521f in nss_test::TlsExtensionTestGeneric_RepeatSni_Test::TestBody() /home/worker/nss/external_tests/ssl_gtest/ssl_extension_unittest.cc:239:3
    #20 0xd56e9e in void testing::internal::HandleSehExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:2362:10
    #21 0xc448ed in void testing::internal::HandleExceptionsInMethodIfSupported<testing::Test, void>(testing::Test*, void (testing::Test::*)(), char const*) /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:2398:14
    #22 0xc43c40 in testing::Test::Run() /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:2434:5
    #23 0xc4aca2 in testing::TestInfo::Run() /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:2610:11
    #24 0xc51e8f in testing::TestCase::Run() /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:2728:28
    #25 0xc8ebdb in testing::internal::UnitTestImpl::RunAllTests() /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:4591:43
    #26 0xd6f400 in bool testing::internal::HandleSehExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:2362:10
    #27 0xc8be5d in bool testing::internal::HandleExceptionsInMethodIfSupported<testing::internal::UnitTestImpl, bool>(testing::internal::UnitTestImpl*, bool (testing::internal::UnitTestImpl::*)(), char const*) /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:2398:14
    #28 0xc8b58e in testing::UnitTest::Run() /home/worker/nss/external_tests/google_test/gtest/src/gtest.cc:4209:10
    #29 0x91ac5c in RUN_ALL_TESTS() /home/worker/nss/external_tests/ssl_gtest/../../external_tests/google_test/gtest/include/gtest/gtest.h:2304:46
    #30 0x91aae2 in main /home/worker/nss/external_tests/ssl_gtest/ssl_gtest.cc:37:12
    #31 0x7f61296a982f in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x2082f)
    #32 0x46e2d8 in _start (/home/worker/nss/external_tests/ssl_gtest/Linux4.1_x86_64_clang-3.9_glibc_PTH_64_ASAN_DBG.OBJ/ssl_gtest+0x46e2d8)
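
Added example (not part of the report, not NSS code and not the patch linked below): the load UBSan flags is a `uint16_t` read at an odd address inside a ClientHello, where the 16-bit extension length fields have no alignment guarantee. The sketch reads those fields byte by byte with bounds checks and walks the extension block over the 32 bytes shown in the dump above; `ReadU16`, `WalkExtensions`, `Ext` and `Walk` are hypothetical names.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <vector>

// Constructed input: the 32 bytes from the UBSan "pointer points here" dump.
// The caret in the report is at offset 4, the 16-bit extensions length.
static const uint8_t kDump[] = {
    0x13, 0x02, 0x01, 0x00, 0x00, 0xa0, 0x00, 0x00, 0x00, 0x0b, 0x00,
    0x09, 0x00, 0x00, 0x06, 0x73, 0x65, 0x72, 0x76, 0x65, 0x72, 0xff,
    0x01, 0x00, 0x01, 0x00, 0x00, 0x0a, 0x00, 0x12, 0x00, 0x10};

// Big-endian uint16 read that is valid at any address: two byte loads instead
// of a uint16_t load through a cast pointer, plus a bounds check.
bool ReadU16(const uint8_t* buf, size_t len, size_t off, uint16_t* out) {
  if (off > len || len - off < 2) return false;
  *out = static_cast<uint16_t>((buf[off] << 8) | buf[off + 1]);
  return true;
}

struct Ext { uint16_t type; uint16_t len; size_t body_off; };
struct Walk { uint16_t declared = 0; std::vector<Ext> exts; bool complete = false; };

// Walk the extension block whose length field sits at len_off. Only extensions
// fully inside the buffer are returned; complete is false if data is missing.
Walk WalkExtensions(const uint8_t* buf, size_t len, size_t len_off) {
  Walk w;
  if (!ReadU16(buf, len, len_off, &w.declared)) return w;
  size_t pos = len_off + 2;
  size_t end = pos + w.declared;
  w.complete = end <= len;
  if (!w.complete) end = len;  // block declared longer than what we hold
  while (pos < end) {
    uint16_t type = 0, elen = 0;
    if (!ReadU16(buf, end, pos, &type) || !ReadU16(buf, end, pos + 2, &elen) ||
        end - (pos + 4) < elen) {
      w.complete = false;  // header or body runs past the available bytes
      break;
    }
    w.exts.push_back({type, elen, pos + 4});
    pos += 4 + elen;
  }
  return w;
}

int main() {
  Walk w = WalkExtensions(kDump, sizeof(kDump), 4);
  std::printf("declared=%u parsed=%zu complete=%d\n", (unsigned)w.declared, w.exts.size(), (int)w.complete);
  return 0;
}
```

Building this with `-fsanitize=alignment` reports nothing because no multi-byte load goes through a cast pointer; the dump is only a fragment of the 160-byte block, so the walk stops at the third extension and reports the data as incomplete.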
(Assignee)

Comment 1

a year ago
This patch increases the extension length on the stack to avoid warnings about unaligned uint16_t pointers.

https://nss-dev.phacility.com/D52
Flags: needinfo?(martin.thomson)
r+
Flags: needinfo?(martin.thomson)
(Assignee)

Comment 3

a year ago
https://hg.mozilla.org/projects/nss/rev/a33de858b09c
Status: ASSIGNED → RESOLVED
Last Resolved: a year ago
Resolution: --- → FIXED
Target Milestone: --- → 3.28