Closed Bug 1785033 Opened 2 years ago Closed 8 months ago

Syscall param socketcall.sendto(msg) points to uninitialised

Categories

(NSS :: Libraries, defect)

3.81
defect

Tracking

(Not tracked)

RESOLVED INCOMPLETE

People

(Reporter: glandium, Unassigned, NeedInfo)

References

Details

A Debian user reported these valgrind traces when running pidgin (which uses NSS for crypto):

==837133== Syscall param socketcall.sendto(msg) points to uninitialised byte(s)
==837133==    at 0x5A153D6: __libc_send (send.c:28)
==837133==    by 0x5A153D6: send (send.c:23)
==837133==    by 0xB083527: pt_Send (ptio.c:2002)
==837133==    by 0xB01DFF7: ssl_DefSend (ssldef.c:105)
==837133==    by 0xB0229C0: ssl_SendSavedWriteData (sslsecur.c:452)
==837133==    by 0xB006839: ssl3_SendRecord (ssl3con.c:2568)
==837133==    by 0xB006C2C: ssl3_FlushHandshakeMessages (ssl3con.c:2774)
==837133==    by 0xB006C2C: ssl3_FlushHandshake (ssl3con.c:2747)
==837133==    by 0xB00F5E4: ssl3_SendFinished (ssl3con.c:11944)
==837133==    by 0xB00FB79: ssl3_SendClientSecondRound (ssl3con.c:8191)
==837133==    by 0xB011A7A: ssl3_HandleServerHelloDone (ssl3con.c:8061)
==837133==    by 0xB011A7A: ssl3_HandlePostHelloHandshakeMessage (ssl3con.c:12568)
==837133==    by 0xB011A7A: ssl3_HandleHandshakeMessage (ssl3con.c:12479)
==837133==    by 0xB014A74: ssl3_HandleHandshake (ssl3con.c:12653)
==837133==    by 0xB014A74: ssl3_HandleNonApplicationData (ssl3con.c:13188)
==837133==    by 0xB0153C0: ssl3_HandleRecord (ssl3con.c:13529)
==837133==    by 0xB01B500: ssl3_GatherCompleteHandshake (ssl3gthr.c:561)
==837133==    by 0xB01B500: ssl3_GatherCompleteHandshake (ssl3gthr.c:449)
==837133==    by 0xB022A80: SSL_ForceHandshake (sslsecur.c:382)
==837133==    by 0xADCC8D6: ssl_nss_handshake_cb (ssl-nss.c:371)
==837133==    by 0x1824B1: pidgin_io_invoke (gtkeventloop.c:73)
==837133==    by 0x54BBA9E: g_main_dispatch (gmain.c:3417)
==837133==    by 0x54BBA9E: g_main_context_dispatch (gmain.c:4135)
==837133==    by 0x54BBE57: g_main_context_iterate.constprop.0 (gmain.c:4211)
==837133==    by 0x54BC10E: g_main_loop_run (gmain.c:4411)
==837133==    by 0x4C57B29: gtk_main (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.33)
==837133==    by 0x145D7B: main (gtkmain.c:948)
==837133==  Address 0x1b82e246 is 534 bytes inside a block of size 1,553 alloc'd
==837133==    at 0x484582F: realloc (vg_replace_malloc.c:1437)
==837133==    by 0xB2114A1: PORT_Realloc_Util (secport.c:101)
==837133==    by 0xB01E1E4: sslBuffer_Grow (sslencode.c:50)
==837133==    by 0xB01E1E4: sslBuffer_Grow (sslencode.c:31)
==837133==    by 0xB01E42B: sslBuffer_Append (sslencode.c:82)
==837133==    by 0xB006817: ssl3_SendRecord (ssl3con.c:2559)
==837133==    by 0xB006C2C: ssl3_FlushHandshakeMessages (ssl3con.c:2774)
==837133==    by 0xB006C2C: ssl3_FlushHandshake (ssl3con.c:2747)
==837133==    by 0xB00F5E4: ssl3_SendFinished (ssl3con.c:11944)
==837133==    by 0xB00FB79: ssl3_SendClientSecondRound (ssl3con.c:8191)
==837133==    by 0xB011A7A: ssl3_HandleServerHelloDone (ssl3con.c:8061)
==837133==    by 0xB011A7A: ssl3_HandlePostHelloHandshakeMessage (ssl3con.c:12568)
==837133==    by 0xB011A7A: ssl3_HandleHandshakeMessage (ssl3con.c:12479)
==837133==    by 0xB014A74: ssl3_HandleHandshake (ssl3con.c:12653)
==837133==    by 0xB014A74: ssl3_HandleNonApplicationData (ssl3con.c:13188)
==837133==    by 0xB0153C0: ssl3_HandleRecord (ssl3con.c:13529)
==837133==    by 0xB01B500: ssl3_GatherCompleteHandshake (ssl3gthr.c:561)
==837133==    by 0xB01B500: ssl3_GatherCompleteHandshake (ssl3gthr.c:449)
==837133==    by 0xB022A80: SSL_ForceHandshake (sslsecur.c:382)
==837133==    by 0xADCC8D6: ssl_nss_handshake_cb (ssl-nss.c:371)
==837133==    by 0x1824B1: pidgin_io_invoke (gtkeventloop.c:73)
==837133==    by 0x54BBA9E: g_main_dispatch (gmain.c:3417)
==837133==    by 0x54BBA9E: g_main_context_dispatch (gmain.c:4135)
==837133==    by 0x54BBE57: g_main_context_iterate.constprop.0 (gmain.c:4211)
==837133==    by 0x54BC10E: g_main_loop_run (gmain.c:4411)
==837133==    by 0x4C57B29: gtk_main (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.33)
==837133==    by 0x145D7B: main (gtkmain.c:948)
==837133==  Uninitialised value was created by a stack allocation
==837133==    at 0xB005DC0: ssl3_MACEncryptRecord (ssl3con.c:2104)
==837133== 
==837133== Syscall param socketcall.sendto(msg) points to uninitialised byte(s)
==837133==    at 0x5A153D6: __libc_send (send.c:28)
==837133==    by 0x5A153D6: send (send.c:23)
==837133==    by 0xB083527: pt_Send (ptio.c:2002)
==837133==    by 0xB01DFF7: ssl_DefSend (ssldef.c:105)
==837133==    by 0xB00687E: ssl3_SendRecord (ssl3con.c:2580)
==837133==    by 0xB006A4C: ssl3_SendApplicationData (ssl3con.c:2693)
==837133==    by 0xB02377A: ssl_SecureSend (sslsecur.c:985)
==837133==    by 0xB027E05: ssl_Write (sslsock.c:3257)
==837133==    by 0xADCC752: ssl_nss_write (ssl-nss.c:552)
==837133==    by 0xA5C360C: do_send (irc.c:108)
==837133==    by 0xA5C4D00: do_login (irc.c:497)
==837133==    by 0xA5C4F11: irc_login_cb_ssl (irc.c:531)
==837133==    by 0x5736AB9: purple_certificate_verify_complete (certificate.c:167)
==837133==    by 0x5739B89: x509_tls_cached_cert_in_cache (certificate.c:1580)
==837133==    by 0x5739B89: x509_tls_cached_start_verify (certificate.c:1863)
==837133==    by 0xADCCA5A: ssl_nss_handshake_cb (ssl-nss.c:401)
==837133==    by 0x1824B1: pidgin_io_invoke (gtkeventloop.c:73)
==837133==    by 0x54BBA9E: g_main_dispatch (gmain.c:3417)
==837133==    by 0x54BBA9E: g_main_context_dispatch (gmain.c:4135)
==837133==    by 0x54BBE57: g_main_context_iterate.constprop.0 (gmain.c:4211)
==837133==    by 0x54BC10E: g_main_loop_run (gmain.c:4411)
==837133==    by 0x4C57B29: gtk_main (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.33)
==837133==    by 0x145D7B: main (gtkmain.c:948)
==837133==  Address 0x1b5e2df5 is 5 bytes inside a block of size 4,096 alloc'd
==837133==    at 0x48407B5: malloc (vg_replace_malloc.c:381)
==837133==    by 0xB21141D: PORT_Alloc_Util (secport.c:87)
==837133==    by 0xB01E207: sslBuffer_Grow (sslencode.c:52)
==837133==    by 0xB01E207: sslBuffer_Grow (sslencode.c:31)
==837133==    by 0xB022BE0: ssl_CreateSecurityInfo (sslsecur.c:572)
==837133==    by 0xB02D2AB: ssl_NewSocket (sslsock.c:4256)
==837133==    by 0xB02DC60: ssl_ImportFD (sslsock.c:2162)
==837133==    by 0xADCCF84: ssl_nss_connect (ssl-nss.c:461)
==837133==    by 0x576D9BB: purple_proxy_connect_data_connected (proxy.c:796)
==837133==    by 0x576DA8A: socket_ready_cb (proxy.c:855)
==837133==    by 0x1824B1: pidgin_io_invoke (gtkeventloop.c:73)
==837133==    by 0x54BBA9E: g_main_dispatch (gmain.c:3417)
==837133==    by 0x54BBA9E: g_main_context_dispatch (gmain.c:4135)
==837133==    by 0x54BBE57: g_main_context_iterate.constprop.0 (gmain.c:4211)
==837133==    by 0x54BC10E: g_main_loop_run (gmain.c:4411)
==837133==    by 0x4C57B29: gtk_main (in /usr/lib/x86_64-linux-gnu/libgtk-x11-2.0.so.0.2400.33)
==837133==    by 0x145D7B: main (gtkmain.c:948)
==837133==  Uninitialised value was created by a stack allocation
==837133==    at 0xB005DC0: ssl3_MACEncryptRecord (ssl3con.c:2104)

(these are line numbers from 3.79, but the user can reproduce with 3.81)

The severity field is not set for this bug.
:beurdouche, could you have a look please?

For more information, please visit auto_nag documentation.

Flags: needinfo?(bbeurdouche)

Marking as security just in case, pending more investigation.

Group: crypto-core-security
Flags: needinfo?(bbeurdouche) → needinfo?(djackson)

Apologies this didn't come up on the dashboard before. I've not been able to reproduce this. If the original reporter is willing to help, there are a few things they could try to help us track this down:

  • Build NSS with UBSan and see if we can get a panic closer to the problematic code. It might be necessary to add some PRINT_BUF statements to ssl3_MACEncryptRecord to force a read of the uninitialised memory.
  • Initialise the variables in ssl3_MACEncryptRecord to 0 and see if Valgrind's message goes away.
Flags: needinfo?(djackson) → needinfo?(mh+mozilla)
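The mechanism behind the trace above, as an added example that is not NSS code: a header built on the stack has ABI padding and a half-filled array that are never written, memcpy and realloc carry those bytes unchanged into a heap buffer, and the buffer then reaches the socket; the second encoder applies the zero-initialisation suggested in the comment. Uninitialised bytes on the wire can expose whatever the stack held, which is the risk that justified the security group. `struct rec_hdr`, `struct outbuf` and the encoder names are constructed stand-ins, not NSS identifiers.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Constructed stand-in for a record header built on the stack, as in
 * ssl3_MACEncryptRecord: the ABI pads 3 bytes after 'type', and the leaky
 * encoder below fills only half of 'mac'; those bytes keep old stack data. */
struct rec_hdr { uint8_t type; uint32_t length; uint8_t mac[8]; };

/* Hypothetical growable heap buffer modelled on sslBuffer_Grow/Append. */
struct outbuf { uint8_t *buf; size_t len, cap; };

static int outbuf_append(struct outbuf *b, const void *p, size_t n) {
    if (b->len + n > b->cap) {
        size_t cap = b->cap ? b->cap : 64;
        while (cap < b->len + n) cap *= 2;
        uint8_t *nb = realloc(b->buf, cap);  /* realloc copies bytes verbatim, so */
        if (!nb) return -1;                  /* stale stack data survives into the heap */
        b->buf = nb; b->cap = cap;
    }
    memcpy(b->buf + b->len, p, n);           /* memcpy does not initialise them either */
    b->len += n;
    return 0;
}

/* Field-by-field fill: padding and mac[4..7] are never written. */
static int encode_record_leaky(struct outbuf *out, uint32_t len) {
    struct rec_hdr h;
    h.type = 22; h.length = len; memcpy(h.mac, "\x01\x02\x03\x04", 4);
    return outbuf_append(out, &h, sizeof h);
}

/* Same encoder with the fix proposed in the bug: clear the object first. */
static int encode_record_zeroed(struct outbuf *out, uint32_t len) {
    struct rec_hdr h;
    memset(&h, 0, sizeof h);
    h.type = 22; h.length = len; memcpy(h.mac, "\x01\x02\x03\x04", 4);
    return outbuf_append(out, &h, sizeof h);
}

/* 1 if every byte the encoder never wrote (padding, mac[4..7]) is zero. */
static int unset_bytes_are_zero(const struct outbuf *b) {
    size_t i;
    for (i = 1; i < offsetof(struct rec_hdr, length); i++) if (b->buf[i]) return 0;
    for (i = offsetof(struct rec_hdr, mac) + 4; i < sizeof(struct rec_hdr); i++)
        if (b->buf[i]) return 0;
    return 1;
}
```

A program that hands the buffer filled by encode_record_leaky to write() or send() and runs under valgrind --track-origins=yes gets the same "points to uninitialised byte(s)" report as the trace above, with the origin attributed to the stack frame of the encoder; the zeroed encoder produces no report.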
Status: NEW → RESOLVED
Closed: 8 months ago
Resolution: --- → INCOMPLETE
Group: crypto-core-security