[Live-devel] Valgrind uninitialised values inside live555

Костромин Дмитрий Андреевич kostromin at bolid.ru
Thu Aug 19 03:31:02 PDT 2021


18.08.2021 19:23, Ross Finlayson пишет:
> Thanks again for the report.  This was not a serious issue, but I’ve just released a new version (2021.08.18) of the code that should make ‘valgrind’ happy.
>
>
> Ross Finlayson
> Live Networks, Inc.
> http://www.live555.com/
>
>
> _______________________________________________
> live-devel mailing list
> live-devel at lists.live555.com
> http://lists.live555.com/mailman/listinfo/live-devel

Many thanks for the fast answers and fixes!

I downloaded and built the new version again and got one last uninitialised 
value issue (my mistake - it seems I omitted this one last time)

==187844== Thread 23:
==187844== Conditional jump or move depends on uninitialised value(s)
==187844==    at 0x6509838: 
Groupsock::wasLoopedBackFromUs(UsageEnvironment&, sockaddr_storage 
const&) (Groupsock.cpp:319)
==187844==    by 0x647AFD2: RTCPInstance::incomingReportHandler1() 
(RTCP.cpp:460)
==187844==    by 0x647A028: SocketDescriptor::tcpReadHandler1(int) 
(RTPInterface.cpp:589)
==187844==    by 0x647A0CA: 
SocketDescriptor::tcpReadHandler(SocketDescriptor*, int) 
(RTPInterface.cpp:493)
==187844==    by 0x63BB33A: BasicTaskScheduler::SingleStep(unsigned int) 
(BasicTaskScheduler.cpp:171)
==187844==    by 0x63BA452: BasicTaskScheduler0::doEventLoop(char 
volatile*) (BasicTaskScheduler0.cpp:80)
==187844==    by 0x3AC081: video_network::rtsp_player::run() 
(rtsp_player.cpp:591)
==187844==    by 0x3B5361: void std::__invoke_impl<void, void 
(video_network::rtsp_player::*)(), 
video_network::rtsp_player*>(std::__invoke_memfun_deref, void 
(video_network::rtsp_player::*&&)(), video_network::rtsp_player*&&) 
(invoke.h:73)
==187844==    by 0x3B5290: std::__invoke_result<void 
(video_network::rtsp_player::*)(), video_network::rtsp_player*>::type 
std::__invoke<void (video_network::rtsp_player::*)(), 
video_network::rtsp_player*>(void (video_network::rtsp_player::*&&)(), 
video_network::rtsp_player*&&) (invoke.h:95)
==187844==    by 0x3B51F0: void std::thread::_Invoker<std::tuple<void 
(video_network::rtsp_player::*)(), video_network::rtsp_player*> 
 >::_M_invoke<0ul, 1ul>(std::_Index_tuple<0ul, 1ul>) (thread:264)
==187844==    by 0x3B51A5: std::thread::_Invoker<std::tuple<void 
(video_network::rtsp_player::*)(), video_network::rtsp_player*> 
 >::operator()() (thread:271)
==187844==    by 0x3B5027: 
std::thread::_State_impl<std::thread::_Invoker<std::tuple<void 
(video_network::rtsp_player::*)(), video_network::rtsp_player*> > 
 >::_M_run() (thread:215)
==187844==

The uninitialised value now comes from RTCP.cpp:460:

void RTCPInstance::incomingReportHandler1() {
   do {
     if (fNumBytesAlreadyRead >= maxRTCPPacketSize) {
       envir() << "RTCPInstance error: Hit limit when reading incoming 
packet over TCP. (fNumBytesAlreadyRead ("
           << fNumBytesAlreadyRead << ") >= maxRTCPPacketSize (" << 
maxRTCPPacketSize
           << ")).  The remote endpoint is using a buggy implementation 
of RTP/RTCP-over-TCP.  Please upgrade it!\n";
       break;
     }

     unsigned numBytesRead;
     struct sockaddr_storage fromAddress;
     int tcpSocketNum;
     unsigned char tcpStreamChannelId;
     Boolean packetReadWasIncomplete;
     Boolean readResult
       = fRTCPInterface.handleRead(&fInBuf[fNumBytesAlreadyRead], 
maxRTCPPacketSize - fNumBytesAlreadyRead,
                   numBytesRead, fromAddress,
                   tcpSocketNum, tcpStreamChannelId,
                   packetReadWasIncomplete);

     unsigned packetSize = 0;
     if (packetReadWasIncomplete) {
       fNumBytesAlreadyRead += numBytesRead;
       return; // more reads are needed to get the entire packet
     } else { // normal case: We've read the entire packet
       packetSize = fNumBytesAlreadyRead + numBytesRead;
       fNumBytesAlreadyRead = 0; // for next time
     }
     if (!readResult) break;

     // Ignore the packet if it was looped-back from ourself:
     Boolean packetWasFromOurHost = False;
     if (RTCPgs()->wasLoopedBackFromUs(envir(), fromAddress)) {
       packetWasFromOurHost = True;
       // However, we still want to handle incoming RTCP packets from
       // *other processes* on the same machine.  To distinguish this
       // case from a true loop-back, check whether we've just sent a
       // packet of the same size.  (This check isn't perfect, but it seems
       // to be the best we can do.)
       if (fHaveJustSentPacket && fLastPacketSentSize == packetSize) {
     // This is a true loop-back:
     fHaveJustSentPacket = False;
     break; // ignore this packet
       }
     }

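"struct sockaddr_storage fromAddress;" is declared without an initialiser here. The trace above comes in through SocketDescriptor::tcpReadHandler1(), so handleRead() has presumably returned without filling it in on the RTP/RTCP-over-TCP path. Zero-initialising it at the declaration would give the loop-back check a defined ss_family.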

It is then read in Groupsock.cpp:319:

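// Returns True if a packet whose source is "fromAddressAndPort" appears to be one
// that we sent ourselves: an IPv4 source address equal to ourIPv4Address(env) or
// to 127.0.0.1, with a source port equal to sourcePortNum().
// Sources that are not AF_INET are never reported as looped back.
//
// "ss_family" is read unconditionally on the first line, so the caller must pass
// a structure that its read call has actually filled in (or that was
// zero-initialised).  An indeterminate "ss_family" makes the outcome of this
// check indeterminate as well.
Boolean Groupsock::wasLoopedBackFromUs(UsageEnvironment& env,
                        struct sockaddr_storage const& fromAddressAndPort) {
   if (fromAddressAndPort.ss_family != AF_INET) return False; // later update for IPv6

   struct sockaddr_in const& fromAddressAndPort4 = (struct sockaddr_in const&)fromAddressAndPort;
   // "s_addr" is stored in network byte order, so the loopback constant is
   // converted with htonl().  Written as a bare host-order literal it equals
   // 127.0.0.1 only on big-endian hosts.
   if (fromAddressAndPort4.sin_addr.s_addr == ourIPv4Address(env) ||
       fromAddressAndPort4.sin_addr.s_addr == htonl(0x7F000001)/*127.0.0.1*/) {
      // Same host: only a matching source port identifies the packet as ours.
      if (portNum(fromAddressAndPort) == sourcePortNum()) {
#ifdef DEBUG_LOOPBACK_CHECKING
         if (DebugLevel >= 3) {
            env() << *this << ": got looped-back packet\n";
         }
#endif
         return True;
      }
   }

   return False;
}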

The uninitialised read happens on this line:

if (fromAddressAndPort.ss_family != AF_INET) return False;

-- 
С уважением, Костромин Дмитрий Андреевич,
руководитель подразделения ЗАО НВП "Болид"
г.Орехово-Зуево


