memcpy segmentation fault. Misalignment of data structure boundaries
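I have been trying to debug this error for a while now without success. I tried using memmove as an alternative, but that also results in a segmentation fault.
The link to the code in this question is posted at - http://pastebin.com/hiwV5G04
Can someone help me understand what I am doing wrong?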
//------------------------------------------------------------------------
// Somewhere in the main function, This is the piece of code I am executing
//------------------------------------------------------------------------
SslDecryptSession *ssl_session = malloc(sizeof(struct _SslDecryptSession ));
ssl_session->client_random.data = NULL; //Make the stuff point somewhere. Else can use malloc also here. Not sure if this is a problem
ssl_session->server_random.data= NULL;
const u_char *payload; /* Packet payload */
//Case for client random
printf("Client Random ");
for (cs_id = 11; cs_id < 43; cs_id++){
printf("%hhX", payload[cs_id] );
}
printf("\n");
cs_id=11;
ssl_session->client_random.data_len=32;
// Segmentation fault here
memcpy(ssl_session->client_random.data, payload[cs_id], 32);
The definitions of the structures involved are -
typedef struct _SslDecryptSession {
guchar _master_secret[SSL_MASTER_SECRET_LENGTH];
guchar _session_id[256];
guchar _client_random[32];
guchar _server_random[32];
StringInfo session_id;
StringInfo session_ticket;
StringInfo server_random;
StringInfo client_random;
StringInfo master_secret;
StringInfo handshake_data;
StringInfo pre_master_secret;
guchar _server_data_for_iv[24];
StringInfo server_data_for_iv;
guchar _client_data_for_iv[24];
StringInfo client_data_for_iv;
gint state;
SslCipherSuite cipher_suite;
SslDecoder *server;
SslDecoder *client;
SslDecoder *server_new;
SslDecoder *client_new;
gcry_sexp_t private_key;
StringInfo psk;
guint16 version_netorder;
StringInfo app_data_segment;
SslSession session;
} SslDecryptSession;
typedef struct _StringInfo {
guchar *data;
guint data_len;
} StringInfo;
The gdb output looks like this
b 1985 // Putting a break point at line 1985 in my source code.
//Here this is equivalent to line 83, that is "ssl_session->client_random.data_len=32;"
Breakpoint 1 at 0x403878: file Newversion.c, line 1985.
run //run the code in gdb
At breakpoint 1 the following info is in the variables
p ssl_session
= (SslDecryptSession *) 0x60fc50 // I put some data in ssl_session->version_netorder earlier. So it is not null here. Everything works fine here
p ssl_session->client_random.data
= (guchar *) 0x0
p ssl_session->client_random.data_len
= 32
step // Execute 1 more line in the code
// I reach at the memcpy line and I get this error then
Breakpoint 1, got_packet (args=0x0, header=0x7fffffffe2c0, packet=0x7ffff6939086 "P=5367") at Newversion.c:1995
1995 memcpy(ssl_session->client_random.data, payload[cs_id], 32);
(gdb)
(gdb) s
__memcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:27
27 ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S: No such file or directory.
(gdb)
28 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
29 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
30 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
31 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
32 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
33 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
34 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
35 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb)
Program received signal SIGSEGV, Segmentation fault.
__memcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:35
35 in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
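The offending code is:
memcpy(ssl_session->client_random.data, payload[cs_id], 32);
payload is defined as:
const u_char *payload;
Operand 2 of memcpy appears to be a type mismatch: you are passing an integer, not a pointer. The compiler should have emitted a warning about this, and such warnings should not be ignored.
Did you mean to use memset() instead of memcpy() to initialize the data?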
1- You forgot to allocate memory
2- memcpy(ssl_session->client_random.data, &payload[cs_id], 32*sizeof(u_char));
SslDecryptSession *ssl_session = malloc(sizeof(struct _SslDecryptSession ));
ssl_session->client_random.data = NULL; //Make the stuff point somewhere. Else can use malloc also here. Not sure if this is a problem
ssl_session->server_random.data= NULL;
const u_char *payload; /* Packet payload */
//Case for client random
printf("Client Random ");
for (cs_id = 11; cs_id < 43; cs_id++){
printf("%hhX", payload[cs_id] );
}
printf("\n");
cs_id=11;
ssl_session->client_random.data_len=32;
guchar *pData = malloc(32*sizeof(guchar));
ssl_session->client_random.data = pData;
memcpy(ssl_session->client_random.data, &payload[cs_id], 32*sizeof(u_char));
Many things seem wrong in the code. The problematic line is:
memcpy(ssl_session->client_random.data, payload[cs_id], 32);
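This line would copy what payload[cs_id] points to into the address that ssl_session->client_random.data points to. It would do so for 32 bytes.
You are giving memcpy the content of payload rather than its address, hence the warning you get at compile time.
What you meant is probably something like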
memcpy(ssl_session->client_random.data, &payload[cs_id], 32); // Note the & symbol
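Also, there is a comment in your code showing that you are not sure whether you should use malloc. You do.
In the snippet you provided, payload is not initialized (hence, of unpredictable value) and ssl_session->client_random.data is initialized to NULL. This means you are trying to write at address 0, which is sure to raise a segfault. Moreover, before writing at address 0, you are reading from a random address in memory, which is likely to raise an exception too.
To fix this, make sure your OS has given you memory space to use before reading from or writing to it.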
const u_char payload[43]; // 43 is based on the example you provided
...
ssl_session->client_random.data = malloc(sizeof(u_char)*32); // Also based on your example
...
memcpy(ssl_session->client_random.data, &payload[cs_id], 32);
Hope that helps.
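The fixes suggested in the answers above, combined with a length check on the captured payload, as an added example that is not code from the thread. The names copy_client_random, RANDOM_OFFSET, RANDOM_LEN and the payload_len parameter are assumptions, and StringInfo is a simplified stand-in for the question's struct that avoids the glib types.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Simplified stand-in for the question's StringInfo (no glib needed). */
typedef struct {
    unsigned char *data;
    size_t data_len;
} StringInfo;

#define RANDOM_OFFSET 11u  /* offset used in the question's loop (assumed name) */
#define RANDOM_LEN    32u  /* bytes copied in the question (assumed name) */

/* Copy the 32-byte random out of a captured payload.
 * Returns 0 on success, -1 on bad arguments, a payload that is too
 * short, or allocation failure. On failure *out is left empty. */
int copy_client_random(StringInfo *out, const unsigned char *payload,
                       size_t payload_len)
{
    if (out == NULL)
        return -1;
    out->data = NULL;
    out->data_len = 0;
    if (payload == NULL || payload_len < RANDOM_OFFSET + RANDOM_LEN)
        return -1;                      /* would read past the capture */

    out->data = malloc(RANDOM_LEN);     /* destination must be real memory */
    if (out->data == NULL)
        return -1;
    memcpy(out->data, &payload[RANDOM_OFFSET], RANDOM_LEN); /* address, not value */
    out->data_len = RANDOM_LEN;
    return 0;
}

int main(void)
{
    unsigned char pkt[64];              /* constructed sample payload */
    for (size_t i = 0; i < sizeof pkt; i++)
        pkt[i] = (unsigned char)i;

    StringInfo cr;
    if (copy_client_random(&cr, pkt, sizeof pkt) == 0) {
        for (size_t i = 0; i < cr.data_len; i++)
            printf("%02X", cr.data[i]);
        printf("\n");
        free(cr.data);
    }
    /* A truncated capture is rejected instead of over-read. */
    return copy_client_random(&cr, pkt, 20) == -1 ? 0 : 1;
}
```

Compiling with -Wall -Werror makes the original integer-for-pointer argument a build failure instead of a runtime crash.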