metalbear-co / mirrord

Connect your local process and your cloud environment, and run local code in cloud conditions.
https://mirrord.dev
MIT License

regression from hide_ipv6_interfaces #2903

Closed aviramha closed 1 week ago

aviramha commented 2 weeks ago

User started crashing on macOS with the hook enabled. Running a Java Bootspring app.

mirrord.json:

{
  "target": {
    "namespace": "stage",
    "path": "rollout/C"
  },
  "feature": {
    "fs": true,
    "env": {
      "override": {
        "JAVA_OPTS": ""
      }
    },
    "network": {
      "incoming": {
        "ignore_ports": [9119, 8080]
      },
      "dns": true
    }
  }
}

Crash report (from Console):

Thread 2 Crashed:
0   libsystem_kernel.dylib                 0x192cd15f0 __pthread_kill + 8
1   libsystem_pthread.dylib                0x192d09c20 pthread_kill + 288
2   libsystem_c.dylib                      0x192c16a30 abort + 180
3   libsystem_malloc.dylib                 0x192b26dc4 malloc_vreport + 896
4   libsystem_malloc.dylib                 0x192b2a430 malloc_report + 64
5   libsystem_malloc.dylib                 0x192b44494 find_zone_and_free + 528
6   13673373759347336826-libmirrord_layer_arm64.dylib          0x10560f258 mirrord_layer::socket::ops::getifaddrs::ha84c6adc12fd5c9b + 1084
7   13673373759347336826-libmirrord_layer_arm64.dylib          0x10562e0b8 mirrord_layer::socket::hooks::getifaddrs_detour::hf7a35b7d241ec18a + 128
8   ???                                    0x1049a890c ???
9   libnet.dylib                           0x1054c93f8 enumInterfaces + 48
10  libnet.dylib                           0x1054ca264 Java_java_net_NetworkInterface_getAll + 36
11  ???                                    0x112c67670 ???
12  ???                                    0x112c62150 ???
13  ???                                    0x112c62150 ???
14  ???                                    0x112c62150 ???
15  ???                                    0x112c5c140 ???

related #2842 #2895 #2849

linear[bot] commented 2 weeks ago

MBE-512 regression from hide_ipv6_interfaces

aviramha commented 2 weeks ago

Looking into the code, I believe we have a major implementation issue. We get the interfaces from FN_GETIFADDRS, which mallocs it for us. We create a new list that isn't malloc'd on its own, then we free it (a free in the middle of a block, which shouldn't work in general), and when it does work, it means we're using after free because it actually frees our block as well!

We need to change the implementation so we'll use malloc to create our own, clean list, then free the original one.
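The approach proposed in the last comment, sketched in C as an added example (not mirrord's own code): the filtered list is built from separate allocations, the list returned by the real getifaddrs is only read, and the result is released with a matching free function. The names `copy_without_ipv6`, `free_copied_ifaddrs` and `demo_only_ipv4_survives` are hypothetical, and the sample list is constructed.

```c
#include <sys/socket.h>
#include <ifaddrs.h>
#include <netinet/in.h>
#include <stdlib.h>
#include <string.h>

/* Free a list built by copy_without_ipv6(); every pointer is its own malloc. */
void free_copied_ifaddrs(struct ifaddrs *ifa) {
    for (struct ifaddrs *next; ifa; ifa = next) {
        next = ifa->ifa_next;
        free(ifa->ifa_name); free(ifa->ifa_addr); free(ifa);
    }
}

/* Deep-copy entries whose address is not AF_INET6; the source is only read.
   Example scope: ifa_name, ifa_flags, AF_INET ifa_addr. Returns NULL on OOM. */
struct ifaddrs *copy_without_ipv6(const struct ifaddrs *src) {
    struct ifaddrs *head = NULL, **tail = &head;
    for (; src; src = src->ifa_next) {
        const struct sockaddr *sa = src->ifa_addr;
        if (sa && sa->sa_family == AF_INET6) continue;
        size_t len = strlen(src->ifa_name) + 1;
        struct ifaddrs *n = calloc(1, sizeof *n);
        if (!n) break;
        *tail = n;                 /* link first so the error path frees it */
        tail = &n->ifa_next;
        n->ifa_flags = src->ifa_flags;
        if (!(n->ifa_name = malloc(len))) break;
        memcpy(n->ifa_name, src->ifa_name, len);
        if (!sa || sa->sa_family != AF_INET) continue;
        if (!(n->ifa_addr = malloc(sizeof(struct sockaddr_in)))) break;
        memcpy(n->ifa_addr, sa, sizeof(struct sockaddr_in));
    }
    if (!src) return head;         /* walked the whole list */
    free_copied_ifaddrs(head);     /* stopped early: allocation failed */
    return NULL;
}

/* Constructed input: IPv6 entry first, then IPv4. Returns 1 if only a copy of the IPv4 entry comes back. */
int demo_only_ipv4_survives(void) {
    struct sockaddr_in6 a6 = { .sin6_family = AF_INET6 };
    struct sockaddr_in a4 = { .sin_family = AF_INET };
    struct ifaddrs v4 = { .ifa_name = "en0", .ifa_addr = (struct sockaddr *)&a4 };
    struct ifaddrs v6 = { .ifa_next = &v4, .ifa_name = "en0", .ifa_addr = (struct sockaddr *)&a6 };
    struct ifaddrs *out = copy_without_ipv6(&v6);
    int ok = out && out != &v4 && !out->ifa_next && out->ifa_addr->sa_family == AF_INET;
    free_copied_ifaddrs(out);
    return ok;
}
```

In a hook, the original list would be passed to the real freeifaddrs once the copy exists, and the copy would be freed only through `free_copied_ifaddrs`.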