Fixes for TFO Tests in ASAN build#18979
Closed
juergenchrist wants to merge 2 commits intoopenssl:masterfrom
Closed
Fixes for TFO Tests in ASAN build#18979juergenchrist wants to merge 2 commits intoopenssl:masterfrom
juergenchrist wants to merge 2 commits intoopenssl:masterfrom
Conversation
Running test_tfo_cli under asan yields
==166214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700000d57c at pc 0x03ffa004ed86 bp 0x03ffe2977e80 sp 0x03ffe2977668
READ of size 112 at 0x60700000d57c thread T0
#0 0x3ffa004ed85 in memcpy (/lib64/libasan.so.8+0x4ed85)
openssl#1 0x3ff9f3615b7 in BIO_ADDR_dup crypto/bio/bio_addr.c:77
[...]
and fails the test.
Fix this by copying the right structure of the union.
Signed-off-by: Juergen Christ <[email protected]>
mattcaswell
requested changes
Aug 11, 2022
mattcaswell
added
approval: review pending
Member
|
What branches does this apply to? |
Contributor
Author
Found it on master. Did not check other branches. But I do not think this needs to be backported. |
Running bio_tfo_test under asan yields
==172342==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 380 byte(s) in 5 object(s) allocated from:
#0 0x3ff89bba251 in malloc (/lib64/libasan.so.8+0xba251)
openssl#1 0x3ff88cf9fd5 in gaih_inet.constprop.0 (/lib64/libc.so.6+0xf9fd5)
openssl#2 0x3ff88cfaf6f in getaddrinfo (/lib64/libc.so.6+0xfaf6f)
openssl#3 0x3ff89ba52a9 in __interceptor_getaddrinfo.part.0 (/lib64/libasan.so.8+0xa52a9)
openssl#4 0x1004909 in test_fd_tfo test/bio_tfo_test.c:241
[...]
and fails the test.
Fix this by freeing the return addrinfo on exit.
Signed-off-by: Juergen Christ <[email protected]>
juergenchrist
force-pushed
the
fix/tfoasan
branch
from
94e458b to
0f258b5
Compare
mattcaswell
approved these changes
Aug 11, 2022
tmshort
added
approval: done
Contributor
TFO was not ported to 3.0 |
Collaborator
|
24 hours has passed since 'approval: done' was set, but as this PR has been updated in that time the label 'approval: ready to merge' is not being automatically set. Please review the updates and set the label manually. |
mattcaswell
added
approval: ready to merge
Member
|
Pushed. Thanks. |
openssl-machine
pushed a commit
that referenced
this pull request
Aug 12, 2022
Running test_tfo_cli under asan yields
==166214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700000d57c at pc 0x03ffa004ed86 bp 0x03ffe2977e80 sp 0x03ffe2977668
READ of size 112 at 0x60700000d57c thread T0
#0 0x3ffa004ed85 in memcpy (/lib64/libasan.so.8+0x4ed85)
#1 0x3ff9f3615b7 in BIO_ADDR_dup crypto/bio/bio_addr.c:77
[...]
and fails the test.
Fix this by copying the right structure of the union.
Signed-off-by: Juergen Christ <[email protected]>
Reviewed-by: Todd Short <[email protected]>
Reviewed-by: Matt Caswell <[email protected]>
(Merged from #18979)
openssl-machine
pushed a commit
that referenced
this pull request
Aug 12, 2022
Running bio_tfo_test under asan yields
==172342==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 380 byte(s) in 5 object(s) allocated from:
#0 0x3ff89bba251 in malloc (/lib64/libasan.so.8+0xba251)
#1 0x3ff88cf9fd5 in gaih_inet.constprop.0 (/lib64/libc.so.6+0xf9fd5)
#2 0x3ff88cfaf6f in getaddrinfo (/lib64/libc.so.6+0xfaf6f)
#3 0x3ff89ba52a9 in __interceptor_getaddrinfo.part.0 (/lib64/libasan.so.8+0xa52a9)
#4 0x1004909 in test_fd_tfo test/bio_tfo_test.c:241
[...]
and fails the test.
Fix this by freeing the return addrinfo on exit.
Signed-off-by: Juergen Christ <[email protected]>
Reviewed-by: Todd Short <[email protected]>
Reviewed-by: Matt Caswell <[email protected]>
(Merged from #18979)
sftcd
pushed a commit
to sftcd/openssl
that referenced
this pull request
Sep 24, 2022
Running test_tfo_cli under asan yields
==166214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700000d57c at pc 0x03ffa004ed86 bp 0x03ffe2977e80 sp 0x03ffe2977668
READ of size 112 at 0x60700000d57c thread T0
#0 0x3ffa004ed85 in memcpy (/lib64/libasan.so.8+0x4ed85)
#1 0x3ff9f3615b7 in BIO_ADDR_dup crypto/bio/bio_addr.c:77
[...]
and fails the test.
Fix this by copying the right structure of the union.
Signed-off-by: Juergen Christ <[email protected]>
Reviewed-by: Todd Short <[email protected]>
Reviewed-by: Matt Caswell <[email protected]>
(Merged from openssl#18979)
sftcd
pushed a commit
to sftcd/openssl
that referenced
this pull request
Sep 24, 2022
Running bio_tfo_test under asan yields
==172342==ERROR: LeakSanitizer: detected memory leaks
Direct leak of 380 byte(s) in 5 object(s) allocated from:
#0 0x3ff89bba251 in malloc (/lib64/libasan.so.8+0xba251)
#1 0x3ff88cf9fd5 in gaih_inet.constprop.0 (/lib64/libc.so.6+0xf9fd5)
#2 0x3ff88cfaf6f in getaddrinfo (/lib64/libc.so.6+0xfaf6f)
#3 0x3ff89ba52a9 in __interceptor_getaddrinfo.part.0 (/lib64/libasan.so.8+0xa52a9)
#4 0x1004909 in test_fd_tfo test/bio_tfo_test.c:241
[...]
and fails the test.
Fix this by freeing the return addrinfo on exit.
Signed-off-by: Juergen Christ <[email protected]>
Reviewed-by: Todd Short <[email protected]>
Reviewed-by: Matt Caswell <[email protected]>
(Merged from openssl#18979)
pr000000f
added a commit
to pr000000f/tongsuo-dev
that referenced
this pull request
Dec 8, 2025
From OpenSSL commit 278b0d8b674eba6f6e1ec51a18c3ccaf8db02701 openssl/openssl#18979 Running test_tfo_cli under asan yields ==166214==ERROR: AddressSanitizer: heap-buffer-overflow on address 0x60700000d57c at pc 0x03ffa004ed86 bp 0x03ffe2977e80 sp 0x03ffe2977668 READ of size 112 at 0x60700000d57c thread T0 #0 0x3ffa004ed85 in memcpy (/lib64/libasan.so.8+0x4ed85) Tongsuo-Project#1 0x3ff9f3615b7 in BIO_ADDR_dup crypto/bio/bio_addr.c:77 [...] and fails the test. Fix this by copying the right structure of the union.
pr000000f
added a commit
to pr000000f/tongsuo-dev
that referenced
this pull request
Dec 8, 2025
From OpenSSL commit d272ef5372a16924a5804b74a76491b1bc8529b5 openssl/openssl#18979 Running bio_tfo_test under asan yields ==172342==ERROR: LeakSanitizer: detected memory leaks Direct leak of 380 byte(s) in 5 object(s) allocated from: #0 0x3ff89bba251 in malloc (/lib64/libasan.so.8+0xba251) Tongsuo-Project#1 0x3ff88cf9fd5 in gaih_inet.constprop.0 (/lib64/libc.so.6+0xf9fd5) Tongsuo-Project#2 0x3ff88cfaf6f in getaddrinfo (/lib64/libc.so.6+0xfaf6f) Tongsuo-Project#3 0x3ff89ba52a9 in __interceptor_getaddrinfo.part.0 (/lib64/libasan.so.8+0xa52a9) Tongsuo-Project#4 0x1004909 in test_fd_tfo test/bio_tfo_test.c:241 [...] and fails the test. Fix this by freeing the return addrinfo on exit.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
4 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
ASAN reports a heap overflow and a leak when running tfo tests.
The heap overflow might be spurious (not sure what the C standard says to that case), but we can simply fix that by using the correct member of a union instead of copying all bytes of said union including bytes that might not belong to the structure written into the union.
The leak is due to a missing freeaddrinfo call.