wallet: Fix use of uninitialized value bnb_used in CWallet::CreateTransaction(...)#13546
Conversation
|
This is a return value, so it is never uninitialized. |
|
@MarcoFalke In the case of |
src/wallet/wallet.cpp
Outdated
There was a problem hiding this comment.
If pick_new_inputs == false then below bnb_used can be used right? Other output vars (nValueIn and setCoins) are also initialized here.
There was a problem hiding this comment.
I think the correct fix is to move this out of the loop scope, so it doesn't loose the value since the last coin selection iteration. So move here:
Lines 2835 to 2843 in fad42e8
Because there are 2 cases that skip "pick new inputs":
Lines 2987 to 2991 in fad42e8
Lines 3024 to 3028 in fad42e8
And when that happens
use_bnb can be used uninitialized.
| No more conflicts as of last run. |
|
FYI also not initialized in bitcoin/src/bench/coin_selection.cpp Line 48 in d96bdd7 But there it should be ok. |
|
@MarcoFalke Is my reasoning correct or do your comment still stand? :-) |
|
@promag Thanks for reviewing. Anything changes needed to get an |
|
We really should have a test case that exercises the logic if |
|
@MarcoFalke I was asking about the statement "it is never uninitialized". That was a misunderstanding? |
|
Whenever it is returned, it is initialized. However, if it is not returned, we shouldn't be reading from it, so I was asking about a test case that exercises that exact code path. |
| The last travis run for this pull request was 59 days ago and is thus outdated. To trigger a fresh travis build, this pull request should be closed and re-opened. |
practicalswift
force-pushed
the
uninitialized-bnb_used
branch
from
ce81385 to
126561a
Compare
|
@MarcoFalke I originally found this issue by using static analysis but I rediscovered it using dynamic analysis as well. It turns out that this is triggered simply running the test suite under UBSan :-) See https://travis-ci.org/bitcoin/bitcoin/jobs/429944903#L3960 |
src/wallet/wallet.cpp
Outdated
There was a problem hiding this comment.
Imo this shouldn't be initialized to false. This just silences the bug without fixing it. Imo it should be set to false only when !pick_new_inputs?
…:CreateTransaction(...)
practicalswift
force-pushed
the
uninitialized-bnb_used
branch
from
126561a to
a23a7f6
Compare
|
@MarcoFalke Thanks for reviewing! Addressed feedback. Please re-review :-) |
|
utACK a23a7f6 |
|
Interesting, I couldn't reproduce this locally with |
practicalswift
changed the title
|
Removed "potential" in the title since this use of uninitialized value has been observed also during run-time :-) |
practicalswift
changed the title
…let::CreateTransaction(...) a23a7f6 wallet: Avoid potential use of unitialized value bnb_used in CWallet::CreateTransaction(...) (practicalswift) Pull request description: Avoid use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)`. Tree-SHA512: 22faf0711ae35af44d9a0ab7f251bc01661ac88b40ad7b0a87a510427b46bbc8caf16868cab2e0a05e7d8518e93ce666d6bd1d48d3707d37bab2c0fb56a0a4a2
…defined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * #14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * #14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * #13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue #14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4
…:CreateTransaction(...) Github-Pull: bitcoin#13546 Rebased-From: a23a7f6
…Wallet::CreateTransaction(...) Summary: wallet: Avoid potential use of unitialized value bnb_used in CWallet::CreateTransaction(...) (practicalswift) Pull request description: Avoid use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)`. bitcoin/bitcoin@a23a7f6 --- Backport of Core [[bitcoin/bitcoin#13546 | PR13546]] Test Plan: ninja check check-functional Reviewers: #bitcoin_abc, Fabien Reviewed By: #bitcoin_abc, Fabien Differential Revision: https://reviews.bitcoinabc.org/D7060
… in CWallet::CreateTransaction(...) a23a7f6 wallet: Avoid potential use of unitialized value bnb_used in CWallet::CreateTransaction(...) (practicalswift) Pull request description: Avoid use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)`. Tree-SHA512: 22faf0711ae35af44d9a0ab7f251bc01661ac88b40ad7b0a87a510427b46bbc8caf16868cab2e0a05e7d8518e93ce666d6bd1d48d3707d37bab2c0fb56a0a4a2
… the undefined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * bitcoin#14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * bitcoin#14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * bitcoin#13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue bitcoin#14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4
… the undefined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * bitcoin#14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * bitcoin#14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * bitcoin#13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue bitcoin#14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4 continued 14252 Co-authored-by: UdjinM6 <[email protected]>
… the undefined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * bitcoin#14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * bitcoin#14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * bitcoin#13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue bitcoin#14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4 continued 14252 Co-authored-by: UdjinM6 <[email protected]>
6 participants
Avoid use of uninitialized value
bnb_usedinCWallet::CreateTransaction(...).