DynamoRIO / drmemory

Memory Debugger for Windows, Linux, Mac, and Android

CryptProtectData result is marked uninitialized #512

Open derekbruening opened 9 years ago

derekbruening commented 9 years ago

From timurrrr@google.com on July 27, 2011 10:04:48

```cpp
// The header names were stripped by the issue-tracker formatting; these are the ones the code needs.
#include <windows.h>
#include <wincrypt.h>
#pragma comment(lib, "crypt32.lib")

#include <string>

int main() {
  DATA_BLOB input;
  std::string message = "0123456789ABCDEF";  // must be at least 16 chars in length to force the string growth.
  input.pbData = (BYTE*)message.data();
  input.cbData = (DWORD)message.length();

  // DPAPI allocates output.pbData with LocalAlloc; the repro does not check result.
  DATA_BLOB output;
  BOOL result = CryptProtectData(&input, L"", NULL, NULL, NULL, 0, &output);

  // Copying the DPAPI output buffer is what Dr. Memory flags as an uninitialized read.
  std::string encrypted;
  encrypted.assign((char*)output.pbData, output.cbData);

  // output.pbData is never released with LocalFree() here; see the follow-up comment below.
  return 0;
}
```

Reports on XP 32-bits:

```text
Error #1: UNINITIALIZED READ: reading 0x0012ff08-0x0012ff0c 4 byte(s)
@0:00:01.922 in thread 3060
0x00401661 <test.exe+0x1661> test.exe!std::basic_string<char,std::char_traits,std::allocator >::_Grow c:\program files\microsoft visual studio 9.0\vc\include\xstring:2120
0x004013b8 <test.exe+0x13b8> test.exe!std::basic_string<char,std::char_traits,std::allocator >::assign c:\program files\microsoft visual studio 9.0\vc\include\xstring:1074
0x00401209 <test.exe+0x1209> test.exe!main test.cpp:17

Error #2: UNINITIALIZED READ: reading register esi
@0:00:01.938 in thread 3060
0x00402cbc <test.exe+0x2cbc> test.exe!memcpy_s f:\dd\vctools\crt_bld\self_x86\crt\src\memcpy_s.c:48
0x00401e68 <test.exe+0x1e68> test.exe!std::char_traits::_Copy_s c:\program files\microsoft visual studio 9.0\vc\include\iosfwd:465
0x00401e38 <test.exe+0x1e38> test.exe!std::_Traits_helper::copy_sstd::char_traits c:\program files\microsoft visual studio 9.0\vc\include\iosfwd:597
0x00401c86 <test.exe+0x1c86> test.exe!std::_Traits_helper::copy_sstd::char_traits c:\program files\microsoft visual studio 9.0\vc\include\iosfwd:589
0x004013dc <test.exe+0x13dc> test.exe!std::basic_string<char,std::char_traits,std::allocator >::assign c:\program files\microsoft visual studio 9.0\vc\include\xstring:1076
0x00401209 <test.exe+0x1209> test.exe!main test.cpp:17

Error #3: UNINITIALIZED READ: reading register eax
@0:00:01.938 in thread 3060
0x0040163b <test.exe+0x163b> test.exe!std::char_traits::assign c:\program files\microsoft visual studio 9.0\vc\include\iosfwd:425
0x0040160b <test.exe+0x160b> test.exe!std::basic_string<char,std::char_traits,std::allocator >::_Eos c:\program files\microsoft visual studio 9.0\vc\include\xstring:2114
0x004013eb <test.exe+0x13eb> test.exe!std::basic_string<char,std::char_traits,std::allocator >::assign c:\program files\microsoft visual studio 9.0\vc\include\xstring:1077
0x00401209 <test.exe+0x1209> test.exe!main test.cpp:17
```

Original issue: http://code.google.com/p/drmemory/issues/detail?id=512

derekbruening commented 9 years ago

From timurrrr@google.com on July 27, 2011 07:06:42

FTR, repro written during investigation of these two Chromium reports: http://build.chromium.org/p/chromium.fyi/builders/Windows%20Tests%20%28DrMemory%29/builds/4637/steps/memory%20test%3A%20unit/logs/stdio

```text
UNINITIALIZED READ: reading 0x4d64ee24-0x4d64ee28 4 byte(s)
#1 std::basic_string<char,std::char_traits,std::allocator >::assign c:\program files\microsoft visual studio 9.0\vc\include\xstring:1067
#2 Encryptor::EncryptString chrome\browser\password_manager\encryptor_win.cc:43
#3 browser_sync::Cryptographer::PackBootstrapToken chrome\browser\sync\util\cryptographer.cc:203
#4 browser_sync::Cryptographer::GetBootstrapToken chrome\browser\sync\util\cryptographer.cc:180
#5 sync_api::SyncManager::SyncInternal::SetPassphrase chrome\browser\sync\engine\syncapi.cc:2043
#6 sync_api::SyncManager::SetPassphrase chrome\browser\sync\engine\syncapi.cc:1690

UNINITIALIZED READ: reading register eax
#1 modp_b64_encode third_party\modp_b64\modp_b64.cc:90
#2 base::Base64Encode base\base64.cc:17
#3 browser_sync::Cryptographer::PackBootstrapToken chrome\browser\sync\util\cryptographer.cc:208
#4 browser_sync::Cryptographer::GetBootstrapToken chrome\browser\sync\util\cryptographer.cc:180
#5 sync_api::SyncManager::SyncInternal::SetPassphrase chrome\browser\sync\engine\syncapi.cc:2043
#6 sync_api::SyncManager::SetPassphrase chrome\browser\sync\engine\syncapi.cc:1690
```

derekbruening commented 9 years ago

From timurrrr@google.com on July 27, 2011 08:05:01

Small good news: I've forgotten "LocalFree(output.pbData);" at the end and Dr. Memory did find the memory leak.