Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[atlesn] Fix misc. usage of uninitialized memory #180

Merged
merged 3 commits into from
Mar 23, 2024
Merged
Show file tree
Hide file tree
Changes from all commits
Commits
File filter

Filter by extension

Filter by extension

Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
11 changes: 9 additions & 2 deletions src/configuration.c
Original file line number Diff line number Diff line change
Expand Up @@ -282,9 +282,12 @@ size_t configurationEncodedSize(const struct raft_configuration *c)
return bytePad64(n);
}

void configurationEncodeToBuf(const struct raft_configuration *c, void *buf)
void configurationEncodeToBuf(const struct raft_configuration *c,
void *buf,
size_t buf_len)
{
uint8_t *cursor = buf;
uint8_t *end = cursor + buf_len;
unsigned i;

/* Encoding format version */
Expand All @@ -301,6 +304,10 @@ void configurationEncodeToBuf(const struct raft_configuration *c, void *buf)
assert(server->role < 255);
bytePut8(&cursor, (uint8_t)server->role);
};

assert(cursor <= end);

memset(cursor, 0, (size_t) (end - cursor));
}

int configurationEncode(const struct raft_configuration *c,
Expand All @@ -321,7 +328,7 @@ int configurationEncode(const struct raft_configuration *c,
goto err;
}

configurationEncodeToBuf(c, buf->base);
configurationEncodeToBuf(c, buf->base, buf->len);

return 0;

Expand Down
6 changes: 4 additions & 2 deletions src/configuration.h
Original file line number Diff line number Diff line change
Expand Up @@ -96,8 +96,10 @@ int configurationCopy(const struct raft_configuration *src,
size_t configurationEncodedSize(const struct raft_configuration *c);

/* Encode the given configuration object to the given pre-allocated buffer,
* which is assumed to be at least configurationEncodedSize(c) bytes. */
void configurationEncodeToBuf(const struct raft_configuration *c, void *buf);
* which must be at least configurationEncodedSize(c) bytes. */
void configurationEncodeToBuf(const struct raft_configuration *c,
void *buf,
size_t buf_len);

/* Encode the given configuration object. The memory of the returned buffer is
* allocated using raft_malloc(), and client code is responsible for releasing
Expand Down
2 changes: 2 additions & 0 deletions src/convert.c
Original file line number Diff line number Diff line change
Expand Up @@ -228,6 +228,8 @@ int convertToLeader(struct raft *r)
goto err;
}

*(uint64_t *) r->barrier.buf.base = 0;

r->barrier.batch = r->barrier.buf.base;

rv = ClientSubmit(r, &r->barrier, 1);
Expand Down
7 changes: 5 additions & 2 deletions src/uv_encoding.c
Original file line number Diff line number Diff line change
Expand Up @@ -180,7 +180,7 @@ static void encodeInstallSnapshot(const struct raft_install_snapshot *p,
bytePut64(&cursor, p->conf_index); /* Configuration's index */
bytePut64(&cursor, conf_size); /* Length of configuration */

configurationEncodeToBuf(&p->conf, cursor); /* Configuration data */
configurationEncodeToBuf(&p->conf, cursor, conf_size); /* Configuration data */
cursor = (uint8_t *)cursor + conf_size;

bytePut64(&cursor, p->data.len); /* Length of snapshot data */
Expand Down Expand Up @@ -337,7 +337,10 @@ void uvEncodeBatchHeader(const struct raft_entry *entries,
/* Message type (Either RAFT_COMMAND or RAFT_CHANGE) */
bytePut8(&cursor, (uint8_t)entry->type);

cursor = (uint8_t *)cursor + 3; /* Unused */
/* Unused */
bytePut8(&cursor, 0);
bytePut8(&cursor, 0);
bytePut8(&cursor, 0);

/* Size of the log entry data, little endian. */
bytePut32(&cursor, (uint32_t)entry->buf.len);
Expand Down
13 changes: 8 additions & 5 deletions src/uv_tcp_connect.c
Original file line number Diff line number Diff line change
Expand Up @@ -52,20 +52,23 @@ struct uvTcpConnect
static int uvTcpEncodeHandshake(raft_id id, const char *address, uv_buf_t *buf)
{
uint8_t *cursor;
size_t address_len = bytePad64(strlen(address) + 1);
size_t address_len = strlen(address) + 1;
size_t address_len_padded = bytePad64(address_len);
buf->len = sizeof(uint64_t) + /* Protocol version. */
sizeof(uint64_t) + /* Server ID. */
sizeof(uint64_t) /* Size of the address buffer */;
buf->len += address_len;
sizeof(uint64_t) + /* Size of the address buffer */
address_len_padded;
buf->base = RaftHeapMalloc(buf->len);
if (buf->base == NULL) {
return RAFT_NOMEM;
}
cursor = (uint8_t *)buf->base;
bytePut64(&cursor, UV__TCP_HANDSHAKE_PROTOCOL);
bytePut64(&cursor, id);
bytePut64(&cursor, address_len);
strcpy((char *)cursor, address);
bytePut64(&cursor, address_len_padded);
memcpy(cursor, address, address_len);
cursor += address_len;
memset(cursor, 0, address_len_padded - address_len);
return 0;
}

Expand Down
Loading