Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...)#14242
Merged
laanwj merged 1 commit intobitcoin:masterfrom Feb 8, 2019
Conversation
Contributor
Author
Member
|
Shouldn't |
Contributor
Author
|
@MarcoFalke Sure! Added a commit. Please re-review :-) |
maflcko
reviewed
Sep 17, 2018
Contributor
@MarcoFalke the same for -0 ae17de5 because it changes IMO should avoid the call to |
practicalswift
force-pushed
the
ub-in-DecodeSecret
branch
from
ae17de5 to
8ea1d7e
Compare
Contributor
Author
|
@MarcoFalke I think @promag has a good point. Now reverted to the original version. |
Contributor
Author
|
@promag Thanks for reviewing. Now updated. Please re-review :-) |
This was referenced Sep 18, 2018
Merged
maflcko
pushed a commit
that referenced
this pull request
Nov 5, 2018
…defined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * #14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * #14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * #13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue #14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4
Member
|
Could remove the suppression from the file in contrib? |
practicalswift
force-pushed
the
ub-in-DecodeSecret
branch
from
8ea1d7e to
1cab4bb
Compare
Contributor
Author
|
@MarcoFalke Good point! Added commit 1cab4bb7e09c9d68e104460b67e5804848cd3c2e which removes UBSan suppression. Please re-review :-) |
Contributor
|
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
Contributor
Author
|
Rebased! |
practicalswift
force-pushed
the
ub-in-DecodeSecret
branch
from
1cab4bb to
f094aeb
Compare
luke-jr
reviewed
Dec 19, 2018
practicalswift
force-pushed
the
ub-in-DecodeSecret
branch
from
f094aeb to
524a876
Compare
Contributor
Author
|
@luke-jr @promag @MarcoFalke Would you mind re-reviewing? :-) |
Contributor
Author
|
@MarcoFalke Could this one get a release milestone? :-) |
laanwj
reviewed
Feb 6, 2019
Contributor
|
Agree with @laanwj, also (nit) could squash. utACK 524a876 otherwise. |
…an invalid string is passed to DecodeSecret(...)
practicalswift
force-pushed
the
ub-in-DecodeSecret
branch
from
524a876 to
d855e4c
Compare
Contributor
Author
promag
reviewed
Feb 7, 2019
laanwj
added a commit
that referenced
this pull request
Feb 8, 2019
…tr, 0, 0)) if an invalid string is passed to DecodeSecret(...) d855e4c Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) (practicalswift) Pull request description: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)`. Background reading: [memcpy (and friends) with NULL pointers](https://www.imperialviolet.org/2016/06/26/nonnull.html) Steps to reproduce: ``` ./configure --with-sanitizers=undefined && make check && ./test/functional/test_runner.py ``` Tree-SHA512: b8325ced4f724d9c03065e0747af56b1f297a90d9fb09a24d46c3231a90dce3df6299f2c41f863b5cec18eaeded7b46ee4b93d9a52adc2541eb4c44d2c0965d9
jasonbcox
pushed a commit
to Bitcoin-ABC/bitcoin-abc
that referenced
this pull request
Sep 13, 2019
…an invalid string is passed to DecodeSecret(...) Summary: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)`. Backport of Bitcoin Core PR14242 bitcoin/bitcoin#14242 Test Plan: ``` make check ``` Reviewers: Fabien, #bitcoin_abc, deadalnix, jasonbcox Reviewed By: #bitcoin_abc, jasonbcox Differential Revision: https://reviews.bitcoinabc.org/D4017
UdjinM6
pushed a commit
to UdjinM6/dash
that referenced
this pull request
Jan 8, 2021
…t(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) d855e4c Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) (practicalswift) Pull request description: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)`. Background reading: [memcpy (and friends) with NULL pointers](https://www.imperialviolet.org/2016/06/26/nonnull.html) Steps to reproduce: ``` ./configure --with-sanitizers=undefined && make check && ./test/functional/test_runner.py ``` Tree-SHA512: b8325ced4f724d9c03065e0747af56b1f297a90d9fb09a24d46c3231a90dce3df6299f2c41f863b5cec18eaeded7b46ee4b93d9a52adc2541eb4c44d2c0965d9
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Aug 16, 2021
… the undefined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * bitcoin#14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * bitcoin#14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * bitcoin#13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue bitcoin#14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4
PastaPastaPasta
pushed a commit
to PastaPastaPasta/dash
that referenced
this pull request
Aug 18, 2021
… the undefined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * bitcoin#14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * bitcoin#14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * bitcoin#13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue bitcoin#14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4 continued 14252 Co-authored-by: UdjinM6 <[email protected]>
pravblockc
pushed a commit
to pravblockc/dash
that referenced
this pull request
Aug 19, 2021
…t(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) d855e4c Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) (practicalswift) Pull request description: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)`. Background reading: [memcpy (and friends) with NULL pointers](https://www.imperialviolet.org/2016/06/26/nonnull.html) Steps to reproduce: ``` ./configure --with-sanitizers=undefined && make check && ./test/functional/test_runner.py ``` Tree-SHA512: b8325ced4f724d9c03065e0747af56b1f297a90d9fb09a24d46c3231a90dce3df6299f2c41f863b5cec18eaeded7b46ee4b93d9a52adc2541eb4c44d2c0965d9
PastaPastaPasta
added a commit
to dashpay/dash
that referenced
this pull request
Aug 21, 2021
Backports v0.18: PR's bitcoin#14242, 15351 and 14519
gades
pushed a commit
to cosanta/cosanta-core
that referenced
this pull request
Apr 1, 2022
…t(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) d855e4c Avoid triggering undefined behaviour (std::memset(nullptr, 0, 0)) if an invalid string is passed to DecodeSecret(...) (practicalswift) Pull request description: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)`. Background reading: [memcpy (and friends) with NULL pointers](https://www.imperialviolet.org/2016/06/26/nonnull.html) Steps to reproduce: ``` ./configure --with-sanitizers=undefined && make check && ./test/functional/test_runner.py ``` Tree-SHA512: b8325ced4f724d9c03065e0747af56b1f297a90d9fb09a24d46c3231a90dce3df6299f2c41f863b5cec18eaeded7b46ee4b93d9a52adc2541eb4c44d2c0965d9
gades
pushed a commit
to cosanta/cosanta-core
that referenced
this pull request
Apr 20, 2022
… the undefined behaviour sanitizer (UBSan) 9f49db7 Enable functional tests in UBSAN job. Enable -fsanitize=integer (part of UBSAN). Merge UBSAN Travis job with no depends. (practicalswift) Pull request description: Run functional tests and benchmarks under the undefined behaviour sanitizer (UBSan). This will make Travis automatically detect issues such as: * bitcoin#14242: Avoid triggering undefined behaviour (`std::memset(nullptr, 0, 0)`) if an invalid string is passed to `DecodeSecret(...)` * bitcoin#14239: Avoid dividing by zero (undefined behaviour) in `EstimateMedianVal` (policy)/`ConnectTip` (validation)/`CreateTransaction` (wallet) * bitcoin#13546: wallet: Avoid potential use of uninitialized value `bnb_used` in `CWallet::CreateTransaction(...)` Addresses issue bitcoin#14059. Tree-SHA512: 285e1542b36c582516c47938ce8d999fd89ba6c867bc0976e7306e7c949b8b84ffbfa43dbc679dd97ae639b086092e7d799d8e1c903c66a37d529ce61d5c64b4 continued 14252 Co-authored-by: UdjinM6 <[email protected]>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Avoid triggering undefined behaviour (
std::memset(nullptr, 0, 0)) if an invalid string is passed toDecodeSecret(...).Background reading: memcpy (and friends) with NULL pointers
Steps to reproduce: