memcpy 分段错误。数据结构边界未对齐

memcpy segmentation fault. Misalignment of data structure boundaries

我正在尝试调试此错误,但已经有一段时间无法调试了。我曾尝试使用 memmove 作为替代方法,但这也会导致分段错误。 此问题中代码的 link 发布在 - http://pastebin.com/hiwV5G04

有人可以帮我理解我做错了什么吗?

//------------------------------------------------------------------------
// Somewhere in the main function, This is the piece of code I am executing
//------------------------------------------------------------------------
SslDecryptSession *ssl_session = malloc(sizeof(struct _SslDecryptSession ));
ssl_session->client_random.data = NULL;  //Make the stuff point somewhere. Else can use malloc also here. Not sure if this is a problem
ssl_session->server_random.data= NULL;
const u_char *payload;                  /* Packet payload */
//Case for client random
printf("Client Random ");
for (cs_id = 11; cs_id < 43; cs_id++){
printf("%hhX", payload[cs_id] );
}
printf("\n");
cs_id=11;
ssl_session->client_random.data_len=32;
// Segmentation fault here
memcpy(ssl_session->client_random.data, payload[cs_id], 32);

涉及到的结构的定义是-

typedef struct _SslDecryptSession {
guchar _master_secret[SSL_MASTER_SECRET_LENGTH];
guchar _session_id[256];
guchar _client_random[32];
guchar _server_random[32];
StringInfo session_id;
StringInfo session_ticket;
StringInfo server_random;
StringInfo client_random;
StringInfo master_secret;
StringInfo handshake_data;
StringInfo pre_master_secret;
guchar _server_data_for_iv[24];
StringInfo server_data_for_iv;
guchar _client_data_for_iv[24];
StringInfo client_data_for_iv;

gint state;
SslCipherSuite cipher_suite;
SslDecoder *server;
SslDecoder *client;
SslDecoder *server_new;
SslDecoder *client_new;
gcry_sexp_t private_key;
StringInfo psk;
guint16 version_netorder;
 StringInfo app_data_segment;
    SslSession session;
} SslDecryptSession;


typedef struct _StringInfo {
    guchar  *data;         
    guint    data_len;  
   } StringInfo

gdb 的输出是这样的

b 1985    // Putting a break point at line 1985 in my source code. 
//Here this is eqvialent to line 83, that is "ssl_session->client_random.data_len=32;"
Breakpoint 1 at 0x403878: file Newversion.c, line 1985.
run       //run the code in gdb
At breakpoint 1 the following info is in the variables
p ssl_session
 = (SslDecryptSession *) 0x60fc50   // I put some data in ssl_session->version_netorder earlier. So it is not null here. Everything works fine here
p ssl_session->client_random.data
 = (guchar *) 0x0
p ssl_session->client_random.data_len
 = 32
step  // Execute 1 more line in the code
// I reach at the memcpy line and I get this error then
Breakpoint 1, got_packet (args=0x0, header=0x7fffffffe2c0, packet=0x7ffff6939086 "P=5367") at Newversion.c:1995
1995                memcpy(ssl_session->client_random.data, payload[cs_id], 32);
(gdb) 
(gdb) s
__memcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:27
27  ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S: No such file or directory.
(gdb) 
28  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 
29  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 
30  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 
31  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 
32  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 
33  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 
34  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 
35  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S
(gdb) 

Program received signal SIGSEGV, Segmentation fault.
__memcpy_sse2_unaligned () at ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S:35
35  in ../sysdeps/x86_64/multiarch/memcpy-sse2-unaligned.S

违规代码是:

memcpy(ssl_session->client_random.data, payload[cs_id], 32);

payload定义为:

const u_char *payload;

memcpy 的操作数 2 似乎类型不匹配,您传递的不是指针而是整数。编译器应该报错警告,这样的警告不应该被忽略。

您是不是要使用 memset() 而不是 memcpy() 来初始化数据?

1-你忘记分配内存了

2- memcpy(ssl_session->client_random.data, &payload[cs_id], 32*sizeof(u_char)

    SslDecryptSession *ssl_session = malloc(sizeof(struct _SslDecryptSession ));
    ssl_session->client_random.data = NULL;  //Make the stuff point somewhere. Else can use malloc also here. Not sure if this is a problem
    ssl_session->server_random.data= NULL;

    const u_char *payload;                  /* Packet payload */
    //Case for client random

    printf("Client Random ");
    for (cs_id = 11; cs_id < 43; cs_id++){
            printf("%hhX", payload[cs_id] );
    }
    printf("\n");


    cs_id=11;
    ssl_session->client_random.data_len=32;
    guchar  *pData = malloc(32*sizeof(guchar));  
    ssl_session->client_random.data = pData;
    memcpy(ssl_session->client_random.data, &payload[cs_id], 32*sizeof(u_char);

代码中有很多地方似乎不对。有问题的行是:

memcpy(ssl_session->client_random.data, payload[cs_id], 32);

这一行会将payload[cs_id]指向的内容复制到ssl_session->client_random.data指向的地址。将对 32 个字节执行此操作。

您向 memcpy 提供了 payload 的内容而不是它的地址,因此您在编译时收到了警告。

你的意思可能类似于

memcpy(ssl_session->client_random.data, &payload[cs_id], 32); // Note the & symbol

此外,您的代码中有一条注释表明您不确定是否应使用 malloc。你会的。

在您提供的代码片段中,有效负载未初始化(因此,值不可预测)并且 ssl_session->client_random.data 初始化为 NULL。这意味着您尝试在地址 0 处写入,这肯定会引发段错误。此外,在地址 0 写入之前,您在内存中读取了一个随机地址,这很可能也会引发异常。

要解决此问题,请确保您的 OS 已为您提供内存 space,以便在 reading/writing 之前使用。

const u_char payload[43];  // 43 is based on the example you provided
...
ssl_session->client_random.data = malloc(sizeof(u_char)*32); // Also based on your example
...
memcpy(ssl_session->client_random.data, &payload[cs_id], 32);

希望对您有所帮助。