PcapPlusPlus icon indicating copy to clipboard operation
PcapPlusPlus copied to clipboard
verified publisher icon seladb

Unaligned packet field (UBSanitizer error report) plus warnings...

Open nbooster opened this issue 3 months ago • 4 comments

Hello,

I just observer this from the UBSanitizer(GCC: -fsanitize=undefined):

/home/.../pcap++-src/Packet++/header/Packet.h:347:8: runtime error: member access within address 0x79e286800cb0 which does not point to an object of type 'Packet'
0x79e286800cb0: note: object has invalid vptr
 00 00 00 00  10 98 85 00 00 00 00 00  60 0c 80 86 e2 79 00 00  e0 b1 00 00 60 50 00 00  00 b3 00 00
              ^~~~~~~~~~~~~~~~~~~~~~~
              invalid vptr
/home/.../pcap++-src/Packet++/header/Packet.h:112:22: runtime error: member call on address 0x79e286800cb0 which does not point to an object of type 'Packet'
0x79e286800cb0: note: object has invalid vptr
 00 00 00 00  10 98 85 00 00 00 00 00  60 0c 80 86 e2 79 00 00  e0 b1 00 00 60 50 00 00  00 b3 00 00
              ^~~~~~~~~~~~~~~~~~~~~~~
              invalid vptr

That implies unaligned memory access (which slows down the program most of the times).

I am just reading a compressed pcapng file using these functions only:

pcpp::PcapNgFileReaderDevice reader(filePath.data());
reader.open();
pcpp::RawPacket rawPacket;
reader.getNextPacket(rawPacket);
pcpp::Packet parsedPacket(std::addressof(rawPacket));
parsedPacket.isPacketOfType(pcpp::TCP);
tcpLayer->getLayerPayloadSize();
udpLayer->getLayerPayload();
parsedPacket.getLayerOfType<pcpp::TcpLayer>();

Also I get multiple warnings of these types:

-Weffc++
-Wsuggest-override
-Wconversion
-Wpedantic
-Wold-style-cast

when I include these files:

#include <Packet.h>
#include <UdpLayer.h>
#include <TcpLayer.h>
#include <PcapFileDevice.h>

It would be nice if these can get fixed somehow...

Thank You.

nbooster avatar Oct 21 '25 09:10 nbooster

@nbooster feel free to open a PR with a fix, and we can discuss the fix there 🙂

seladb avatar Oct 21 '25 09:10 seladb

I haven't found the root cause yet (of the UB)...

Also something else very quickly:

it says here: https://github.com/seladb/PcapPlusPlus/issues/1973 that #1962 added this function to dev branch: pcpp::PcapNgFileReaderDevice::isZstdSupported()

I just downloaded again and build it but the function is not there... Maybe we wait until it gets to the master ?

nbooster avatar Oct 21 '25 09:10 nbooster

Also something else very quickly:

it says here: #1973 that #1962 added this function to dev branch: pcpp::PcapNgFileReaderDevice::isZstdSupported()

I just downloaded again and build it but the function is not there... Maybe we wait until it gets to the master ?

#1962 is not yet merged, the note in #1973 is to notify why #1962 is linked to the issue. Also #1973 is not closed, so the issue is still not considered "fixed".

PS: Updated the wording to "will add" to avoid confusion. 🙂

Dimi1010 avatar Oct 21 '25 10:10 Dimi1010

I haven't found the root cause yet (of the UB)...

If you have time to explore, please let us know your findings and we can see who has time to provide a fix

seladb avatar Oct 22 '25 06:10 seladb