stack smashing error with Yubikey recording #196
Attaching the umockdev files for both examples above.
Well, yes and no. It is either a libfido bug or a false positive. i.e. the issue is that we are sending the If that memory doesn't need to be initialized (for the kernel), then this can be safely ignored. Thing is here, that umockdev always does a read, even if a write would be sufficient. As such, false positives like this are likely to happen. EDIT: Said differently, I see the following possibilities:
One could improve it in umockdev, but not easily. i.e. it would require adding API to only do partial memory reads/writes making the emulation layer more complicated. I don't expect that this happens often enough to make it worthwhile, i.e. it is easier to just deal with the false positive in the test.
OK, talked a bit too early. So, the above is true for
i.e. it first reads the size into the header of the structure. Then it allocates enough memory and fetches it. The kernel will only write This can be fixed in umockdev by adding a custom implementation for the IOCTL that will only update the correct memory areas. It isn't overly hard, but it is a bit of a pain (unless one accepts reading/writing the full
I should have added what this means:
Note that in 2. and 3. we duplicate the size detection logic in
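
The over-long write discussed in this thread, reduced to a stand-alone C sketch (an added example, not code from umockdev or from any commenter). The struct, its sizes and all function names are hypothetical, and it assumes the real ioctl fills only the header plus `size` payload bytes.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define MAX_VALUE 4096  /* assumed fixed maximum payload of the struct */
#define GUARD     0xA5  /* canary byte placed behind the caller's buffer */

/* Hypothetical variable-length ioctl argument: size header, then payload. */
struct var_arg { uint32_t size; uint8_t value[MAX_VALUE]; };

/* Emulated reply that copies the full struct, whatever the caller allocated. */
static size_t replay_full(void *dst, const struct var_arg *rec)
{
    memcpy(dst, rec, sizeof *rec);
    return sizeof *rec;
}

/* Emulated reply limited to header + rec->size bytes (assumed kernel behaviour). */
static size_t replay_sized(void *dst, const struct var_arg *rec)
{
    if (rec->size > MAX_VALUE)
        return 0;  /* corrupt recording: write nothing */
    memcpy(dst, rec, offsetof(struct var_arg, value) + rec->size);
    return offsetof(struct var_arg, value) + rec->size;
}

/* Caller that sized its buffer as header + size; canaries sit right behind it.
 * The arena is big enough that the over-long copy stays in bounds in this demo. */
static int guard_survives(size_t (*replay)(void *, const struct var_arg *))
{
    static uint8_t arena[sizeof(struct var_arg) + 64];
    struct var_arg rec = { .size = 32 };  /* constructed recording */
    size_t want = offsetof(struct var_arg, value) + rec.size;

    memset(rec.value, 0x11, rec.size);
    memset(arena, GUARD, sizeof arena);
    replay(arena, &rec);
    for (size_t i = want; i < sizeof arena; i++)
        if (arena[i] != GUARD)
            return 0;  /* bytes past the caller's allocation were overwritten */
    return 1;
}

int main(void)
{
    printf("sized replay keeps canaries: %d\n", guard_survives(replay_sized));
    printf("full replay keeps canaries:  %d\n", guard_survives(replay_full));
    return 0;
}
```

In a real caller the bytes behind the short buffer belong to the stack or heap, which is where a stack protector or valgrind would flag the write.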
I'm trying to record some basic interactions with a Yubikey for FIDO2 token testing. To do this, I'm using the basic "ykman" command and record it with umockdev. When I run the recording through, I get an error about stack smashing:
And after help from @ueno I see this from valgrind: