From a2a8c3d4eefc6c6792997202ed59a3386f0c4183 Mon Sep 17 00:00:00 2001 From: Hamish Coleman Date: Sun, 8 May 2022 15:44:59 +0100 Subject: [PATCH 1/6] Add some analysis tools --- .github/workflows/tests.yml | 36 ++++++++++++++++++++++++++++++++++++ 1 file changed, 36 insertions(+) diff --git a/.github/workflows/tests.yml b/.github/workflows/tests.yml index 20fac5d..7d7b6bb 100644 --- a/.github/workflows/tests.yml +++ b/.github/workflows/tests.yml @@ -52,6 +52,42 @@ jobs: run: | make lint + analyse: + name: Code Analysers + runs-on: ubuntu-latest + strategy: + fail-fast: true + matrix: + flags: + - -fsanitize=leak + - -fsanitize=address -static-libasan + - -fsanitize=undefined -static-libubsan + + steps: + - uses: actions/checkout@v2 + with: + fetch-depth: 0 + - name: Fix Checkout + run: | + git fetch --force --tags + + - name: Make the makefiles + run: | + ./autogen.sh + + export CFLAGS="${{ matrix.flags }}" + export LDFLAGS="${{ matrix.flags }}" + ./configure + + - name: Install essential + run: | + sudo apt update + make build-dep + + - name: Run the analysis + run: | + make test + test_linux: needs: smoketest name: Test Linux From 188af371baeb7436bd3ce9f61d2388fa5b3b48cf Mon Sep 17 00:00:00 2001 From: Hamish Coleman Date: Sun, 8 May 2022 15:48:29 +0100 Subject: [PATCH 2/6] Fix leak --- src/cc20.c | 1 + 1 file changed, 1 insertion(+) diff --git a/src/cc20.c b/src/cc20.c index 168a423..73fab8c 100644 --- a/src/cc20.c +++ b/src/cc20.c @@ -417,5 +417,6 @@ int cc20_deinit (cc20_context_t *ctx) { #if defined (HAVE_OPENSSL_1_1) if(ctx->ctx) EVP_CIPHER_CTX_free(ctx->ctx); #endif + free(ctx); return 0; } From 7a2075c456c373bb9851bee570c61d0377b553a0 Mon Sep 17 00:00:00 2001 From: Hamish Coleman Date: Sun, 8 May 2022 16:46:00 +0100 Subject: [PATCH 3/6] Fix for address overrun --- src/auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/auth.c b/src/auth.c index 2b898c9..c4422a2 100644 --- a/src/auth.c +++ b/src/auth.c 
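Review bot: The `-fsanitize=undefined -static-libubsan` matrix entry will not fail `make test` on a finding, because UBSan by default prints a diagnostic and lets the program carry on and exit normally. Adding `-fno-sanitize-recover=undefined` to that entry (or setting `UBSAN_OPTIONS=halt_on_error=1` on the "Run the analysis" step) makes a report turn the job red. `fail-fast: true` cancels the remaining sanitizer jobs as soon as one fails, which hides independent findings; `fail-fast: false` suits an analysis matrix better. `actions/checkout@v2` is a movable tag, so pinning it to a commit SHA would keep the workflow's inputs fixed.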
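Review bot: The added `free(ctx);` in `cc20_deinit` releases the context without clearing it first. `cc20_context_t` is not visible in this hunk, so if it holds key or cipher state, that memory goes back to the allocator intact. Consider wiping it before the free with a clear the compiler cannot drop, for example `explicit_bzero(ctx, sizeof(*ctx));` where the platform provides it. The function now takes ownership of `ctx`, which deserves a comment on it such as `/* frees ctx; the caller must not use or free it afterwards */`. Only the tail of `cc20_deinit` is inside the hunk.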
@@ -50,7 +50,7 @@ int bin_to_ascii (char *out, uint8_t *in, size_t in_len) { buf1 = in[bit_count / 8]; buf1 <<= bit_count % 8; - buf2 = ((bit_count + 6) < (8 * in_len)) ? in[bit_count / 8 + 1] : 0; + buf2 = ((bit_count + 8) < (8 * in_len)) ? in[bit_count / 8 + 1] : 0; buf2 >>= 8 - (bit_count % 8); buf1 |= buf2; From 038c244407111e3f851782f9b8a9a3103e168d71 Mon Sep 17 00:00:00 2001 From: Hamish Coleman Date: Sun, 8 May 2022 17:28:05 +0100 Subject: [PATCH 4/6] Fix supernode memory leak on exit path --- src/edge_utils.c | 1 + src/n2n.c | 3 +++ 2 files changed, 4 insertions(+) diff --git a/src/edge_utils.c b/src/edge_utils.c index 519e621..29c3c10 100644 --- a/src/edge_utils.c +++ b/src/edge_utils.c @@ -2994,6 +2994,7 @@ void edge_term (n2n_edge_t * eee) { clear_peer_list(&eee->pending_peers); clear_peer_list(&eee->known_peers); + clear_peer_list(&eee->conf.supernodes); eee->transop.deinit(&eee->transop); eee->transop_lzo.deinit(&eee->transop_lzo); diff --git a/src/n2n.c b/src/n2n.c index b57a43b..f53585f 100644 --- a/src/n2n.c +++ b/src/n2n.c @@ -653,6 +653,9 @@ size_t clear_peer_list (struct peer_info ** peer_list) { size_t retval = 0; HASH_ITER(hh, *peer_list, scan, tmp) { + if (scan->purgeable == SN_UNPURGEABLE && scan->ip_addr) { + free(scan->ip_addr); + } HASH_DEL(*peer_list, scan); mgmt_event_post(N2N_EVENT_PEER,N2N_EVENT_PEER_CLEAR,scan); /* FIXME: generates events for more than just p2p */ From 47768758d6841a78583922cf163590d6baf0782e Mon Sep 17 00:00:00 2001 From: Hamish Coleman Date: Sun, 8 May 2022 17:45:39 +0100 Subject: [PATCH 5/6] Fix use before null check --- src/sn_utils.c | 6 ++++-- src/transform_aes.c | 5 ++--- src/transform_cc20.c | 5 ++--- src/transform_speck.c | 5 ++--- src/transform_tf.c | 5 ++--- 5 files changed, 12 insertions(+), 14 deletions(-) diff --git a/src/sn_utils.c b/src/sn_utils.c index f325c26..2b24fa3 100644 --- a/src/sn_utils.c +++ b/src/sn_utils.c 
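Review bot: The new `(bit_count + 8) < (8 * in_len)` guard in `bin_to_ascii` reads like an arbitrary constant and would benefit from a comment such as `/* read in[bit_count / 8 + 1] only when a whole further byte exists */`. The signature in the hunk header passes `out` with no length, so the required output size is an unstated contract that a header comment should spell out. The loop and the writes to `out` lie outside the hunk, so the write side could not be checked here. A regression test with `in_len` of 1, run under the address-sanitizer job added earlier in this series, would keep the over-read from returning.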
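Review bot: The new `clear_peer_list(&eee->conf.supernodes);` call in `edge_term` frees every supernode entry, so any other pointer in `eee` that still refers to one of them (none is visible in this hunk) dangles for the rest of teardown. As the `n2n.c` hunk of this patch shows, `clear_peer_list` also posts an `N2N_EVENT_PEER_CLEAR` management event per entry, so supernodes now produce peer-clear events at exit. A comment on the call would record both facts, e.g. `/* frees the supernode entries; no pointer into this list may be used below */`. The rest of `edge_term` is outside the hunk.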
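Review bot: `scan->ip_addr` is freed before `scan` is handed to `mgmt_event_post(N2N_EVENT_PEER,N2N_EVENT_PEER_CLEAR,scan)`, so the event code receives an entry carrying a dangling pointer. Whether the event code reads `ip_addr` is not visible here. Doing the release after the event post and clearing the field removes the hazard: `free(scan->ip_addr); scan->ip_addr = NULL;`. The `&& scan->ip_addr` test is redundant because `free(NULL)` is a no-op. Ownership of `ip_addr` is keyed on `purgeable == SN_UNPURGEABLE`, which deserves a comment explaining why only those entries own the allocation; the rest of the loop body in `clear_peer_list` is outside the hunk.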
@@ -1348,8 +1348,10 @@ static int re_register_and_purge_supernodes (n2n_sn_t *sss, struct sn_community } // purge long-time-not-seen supernodes - purge_expired_nodes(&(comm->edges), sss->sock, &sss->tcp_connections, p_last_re_reg_and_purge, - RE_REG_AND_PURGE_FREQUENCY, LAST_SEEN_SN_INACTIVE); + if (comm) { + purge_expired_nodes(&(comm->edges), sss->sock, &sss->tcp_connections, p_last_re_reg_and_purge, + RE_REG_AND_PURGE_FREQUENCY, LAST_SEEN_SN_INACTIVE); + } } if(comm != NULL) { diff --git a/src/transform_aes.c b/src/transform_aes.c index d147287..2a3ab23 100644 --- a/src/transform_aes.c +++ b/src/transform_aes.c @@ -41,10 +41,9 @@ static int transop_deinit_aes (n2n_trans_op_t *arg) { transop_aes_t *priv = (transop_aes_t *)arg->priv; - if(priv->ctx) - aes_deinit(priv->ctx); - if(priv) + if(priv->ctx) + aes_deinit(priv->ctx); free(priv); return 0; diff --git a/src/transform_cc20.c b/src/transform_cc20.c index 5cf9eb4..445627f 100644 --- a/src/transform_cc20.c +++ b/src/transform_cc20.c @@ -33,10 +33,9 @@ static int transop_deinit_cc20 (n2n_trans_op_t *arg) { transop_cc20_t *priv = (transop_cc20_t *)arg->priv; - if(priv->ctx) - cc20_deinit(priv->ctx); - if(priv) + if(priv->ctx) + cc20_deinit(priv->ctx); free(priv); return 0; diff --git a/src/transform_speck.c b/src/transform_speck.c index 1778eb7..3b126cc 100644 --- a/src/transform_speck.c +++ b/src/transform_speck.c @@ -33,10 +33,9 @@ static int transop_deinit_speck (n2n_trans_op_t *arg) { transop_speck_t *priv = (transop_speck_t *)arg->priv; - if(priv->ctx) - speck_deinit(priv->ctx); - if(priv) + if(priv->ctx) + speck_deinit(priv->ctx); free(priv); return 0; diff --git a/src/transform_tf.c b/src/transform_tf.c index 4368d03..4adf6bc 100644 --- a/src/transform_tf.c +++ b/src/transform_tf.c 
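Review bot: The added guard is spelled `if (comm) {`, while the existing test a few lines below is `if(comm != NULL) {`; writing it as `if(comm != NULL) {` would match the file's style. If `comm` can be NULL at this point, the earlier part of the enclosing block in `re_register_and_purge_supernodes` should be checked for the same dereference, but it lies outside the hunk. A short comment saying when `comm` is NULL here, for instance `/* comm is NULL when ... */` filled in by the author, would stop the guard from looking accidental.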
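Review bot: `transop_deinit_aes` frees `priv` but leaves `arg->priv` pointing at the released block. A second `deinit` call on the same `n2n_trans_op_t` would therefore read `priv->ctx` from freed memory and free it again. Resetting the field after the free makes teardown idempotent: `free(priv); arg->priv = NULL;`. The same applies to `transop_deinit_cc20`, `transop_deinit_speck` and `transop_deinit_tf` in this patch, and to their braced forms in patch 6/6, where the reset belongs inside the `if(priv) { ... }` block.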
@@ -41,10 +41,9 @@ static int transop_deinit_tf (n2n_trans_op_t *arg) { transop_tf_t *priv = (transop_tf_t *)arg->priv; - if(priv->ctx) - tf_deinit(priv->ctx); - if(priv) + if(priv->ctx) + tf_deinit(priv->ctx); free(priv); return 0; From a00aa63dd77e07732750fb3b0729a0fd954e57f6 Mon Sep 17 00:00:00 2001 From: Hamish Coleman Date: Sun, 8 May 2022 18:05:40 +0100 Subject: [PATCH 6/6] We are not in python any more, Toto --- src/transform_aes.c | 3 ++- src/transform_cc20.c | 3 ++- src/transform_speck.c | 3 ++- src/transform_tf.c | 3 ++- 4 files changed, 8 insertions(+), 4 deletions(-) diff --git a/src/transform_aes.c b/src/transform_aes.c index 2a3ab23..3a285c7 100644 --- a/src/transform_aes.c +++ b/src/transform_aes.c @@ -41,10 +41,11 @@ static int transop_deinit_aes (n2n_trans_op_t *arg) { transop_aes_t *priv = (transop_aes_t *)arg->priv; - if(priv) + if(priv) { if(priv->ctx) aes_deinit(priv->ctx); free(priv); + } return 0; } diff --git a/src/transform_cc20.c b/src/transform_cc20.c index 445627f..fe6eb8b 100644 --- a/src/transform_cc20.c +++ b/src/transform_cc20.c @@ -33,10 +33,11 @@ static int transop_deinit_cc20 (n2n_trans_op_t *arg) { transop_cc20_t *priv = (transop_cc20_t *)arg->priv; - if(priv) + if(priv) { if(priv->ctx) cc20_deinit(priv->ctx); free(priv); + } return 0; } diff --git a/src/transform_speck.c b/src/transform_speck.c index 3b126cc..a633844 100644 --- a/src/transform_speck.c +++ b/src/transform_speck.c @@ -33,10 +33,11 @@ static int transop_deinit_speck (n2n_trans_op_t *arg) { transop_speck_t *priv = (transop_speck_t *)arg->priv; - if(priv) + if(priv) { if(priv->ctx) speck_deinit(priv->ctx); free(priv); + } return 0; } diff --git a/src/transform_tf.c b/src/transform_tf.c index 4adf6bc..2900639 100644 --- a/src/transform_tf.c +++ b/src/transform_tf.c 
@@ -41,10 +41,11 @@ static int transop_deinit_tf (n2n_trans_op_t *arg) { transop_tf_t *priv = (transop_tf_t *)arg->priv; - if(priv) + if(priv) { if(priv->ctx) tf_deinit(priv->ctx); free(priv); + } return 0; }