Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: Check for null image name before comparing strings #321

Merged
merged 2 commits into from
Dec 6, 2018
Merged

fix: Check for null image name before comparing strings #321

merged 2 commits into from
Dec 6, 2018

Conversation

kattrali
Copy link
Contributor

@kattrali kattrali commented Dec 5, 2018

If the number of loaded images changes between when _dyld_image_count()
is computed and when _dyld_get_image_name() is called, there can be less
images than the count suggests. In this case, _dyld_get_image_name()
returns NULL, and the lack of a check would crash the app (again?)
because both arguments to strcmp are required to be non-null. The
resulting exception backtrace looks somewhat like this:

_platform_strcmp
bsg_ksdlimageNamed (BSG_KSDynamicLinker.c:41:21)
bsg_ksdlimageUUID (BSG_KSDynamicLinker.c:56:31)
+[BSG_KSSystemInfo appUUID] (BSG_KSSystemInfo.m:158:13)
+[BSG_KSSystemInfo systemInfo] (BSG_KSSystemInfo.m:432:5)
(any access to systemInfo, from an API client, etc)

Tests

This one is difficult to verify manually or to write a test for, (short of swapping out the implementation of _dyld_image_count() to immediately unload an image), but the intent should be easy to follow from the source exception.

Review

Outstanding Questions

  • This pull request is ready for:
    • Initial review of the intended approach, not yet feature complete
    • Structural review of the classes, functions, and properties modified
    • Final review
  • Consistency between the changeset and the goal stated above
  • Idiomatic use of the language

@kattrali
fix: Check for null image name before comparing strings
73e024b 
If the number of loaded images changes between when _dyld_image_count()
is computed and when _dyld_get_image_name() is called, there can be less
images than the count suggests. In this case, _dyld_get_image_name()
returns NULL, and the lack of a check would crash the app (again?)
because both arguments to strcmp are required to be non-null. The
resulting exception backtrace looks somewhat like this:

```
_platform_strcmp
bsg_ksdlimageNamed (BSG_KSDynamicLinker.c:41:21)
bsg_ksdlimageUUID (BSG_KSDynamicLinker.c:56:31)
+[BSG_KSSystemInfo appUUID] (BSG_KSSystemInfo.m:158:13)
+[BSG_KSSystemInfo systemInfo] (BSG_KSSystemInfo.m:432:5)
-[BugsnagSessionTrackingPayload toJson] (BugsnagSessionTrackingPayload.m:48:5)
```
@kattrali kattrali force-pushed the kattrali/fix-crash-in-async-unload branch from 6fa2ee6 to 73e024b Compare December 5, 2018 20:49
@fractalwrench fractalwrench self-requested a review December 6, 2018 10:19
fractalwrench
fractalwrench reviewed Dec 6, 2018
View reviewed changes
Copy link
Contributor

@fractalwrench fractalwrench left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I believe this should work for the specific case we've encountered. Do we have a reproduction case for the behaviour that would allow us to test out the scenario and confirm this?

Searching the entire codebase for usages of dyld functions reveals a few more sites which don't have null checks e.g. BSG_KSSystemInfo.m 364 (and various others). My understanding is that some of these are ok, because KSCrash will suspend all threads when reporting an error, but some either require a NULL check or additional synchronization.

@kattrali
Copy link
Contributor Author

kattrali commented Dec 6, 2018

BSG_KSSystemInfo.m 364 (and various others

This one in particular is "safe", as its loading the first image from the array, and there's going to be at least one image at all times.

I went through a few other code paths in the dynamic linker though and while I can see how they eventually nope out if the image header or name is null, I'll add a few more explicit checks.

@fractalwrench fractalwrench self-requested a review December 6, 2018 17:03
fractalwrench
fractalwrench approved these changes Dec 6, 2018
View reviewed changes
Copy link
Contributor

@fractalwrench fractalwrench left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Approved pending CI checks

@kattrali kattrali merged commit 814f3a5 into master Dec 6, 2018
@kattrali kattrali deleted the kattrali/fix-crash-in-async-unload branch December 6, 2018 19:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@fractalwrench fractalwrench fractalwrench approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@kattrali @fractalwrench