Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

PfRingDevice::startCaptureSingleThread maybe crash after exits the funtion #1664

Open
prudens opened this issue Dec 19, 2024 · 1 comment · Fixed by #1679 · May be fixed by #1668
Open

PfRingDevice::startCaptureSingleThread maybe crash after exits the funtion #1664

prudens opened this issue Dec 19, 2024 · 1 comment · Fixed by #1679 · May be fixed by #1668
Labels

Comments

@prudens
Copy link
Contributor

prudens commented Dec 19, 2024

Bug description

Describe the bug
in PfRingDevice.cpp file, has a functio named PfRingDevice::startCaptureMultiThread.

When this function executes to cond.notify_all() and then exits the function. However, since variables like cond are passed to the thread above in the form of pointers to be called in another thread, if this function finishes executing before the thread, cond may become an invalid pointer.

Code example to reproduce

bool PfRingDevice::startCaptureMultiThread(OnPfRingPacketsArriveCallback onPacketsArrive, void* onPacketsArriveUserCookie, CoreMask coreMask)
{
...
	        std::mutex mutex;
	        std::condition_variable cond;
...
		m_CoreConfiguration[coreId].Channel = m_PfRingDescriptors[rxChannel++];
		m_CoreConfiguration[coreId].RxThread = std::thread(&pcpp::PfRingDevice::captureThreadMain, this, &cond, &mutex, &startThread);
...
	startThread = 2;
	cond.notify_all();
}
void PfRingDevice::captureThreadMain(std::condition_variable* startCond, std::mutex* startMutex, const int* startState)
{
	while (*startState == 0)
	{
		std::unique_lock<std::mutex> lock(*startMutex);
		startCond->wait_for(lock, std::chrono::milliseconds(100));
	}
	if (*startState == 1)
	{
		return;
	}
        ...
}

Expected behavior
Perhaps the logic should be changed to pass in shared_ptr objects, promise objects, or implement other safe control logic?

PcapPlusPlus versions tested on

v23.09

Other PcapPlusPlus version (if applicable)

No response

Operating systems tested on

Linux

Other operation systems (if applicable)

No response

Compiler version

clang 18

Packet capture backend (if applicable)

No response

@prudens prudens added the bug label Dec 19, 2024
@Dimi1010
Copy link
Collaborator

Wow... that mutex and cv should very much not be on the function stack...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
Projects
None yet
2 participants