PubSub/Server demo: heap-use-after-free after starting the PubSub using Start/Stop node
PubSub status was set to 0 and after trying to set the PubSub start/stop command to 1 the following error occured:
TEST_PASSWORD_PRIVATE_KEY=password TEST_PASSWORD_USER=password ./pubsub_server
"Try connect using SecurityPolicy 'http://opcfoundation.org/UA/SecurityPolicy#None', MessageSecurityMode '1'"
=================================================================
==15627==ERROR: AddressSanitizer: heap-use-after-free on address 0x60c000000c98 at pc 0x0000004dff48 bp 0x7f3a70df7720 sp 0x7f3a70df7718
READ of size 2 at 0x60c000000c98 thread T8
#0 0x4dff47 in SOPC_PubSubConnection_Nb_ReaderGroup /users/vincent/git/S2OPC_clone/src/PubSub/common/sopc_pubsub_conf.c:608
#1 0x50948a in SOPC_Sub_GetReaderGroup /users/vincent/git/S2OPC_clone/src/PubSub/subscriber/sopc_reader_layer.c:117
#2 0x50558d in SOPC_UADP_NetworkMessage_Decode /users/vincent/git/S2OPC_clone/src/PubSub/network/sopc_network_layer.c:1556
#3 0x509398 in SOPC_Reader_Read_UADP /users/vincent/git/S2OPC_clone/src/PubSub/subscriber/sopc_reader_layer.c:97
#4 0x4f6601 in on_message_received /users/vincent/git/S2OPC_clone/src/PubSub/subscriber/sopc_sub_scheduler.c:453
#5 0x4f63e1 in on_mqtt_message_received /users/vincent/git/S2OPC_clone/src/PubSub/subscriber/sopc_sub_scheduler.c:393
#6 0x508357 in cb_msg_arrived /users/vincent/git/S2OPC_clone/src/PubSub/protocol/sopc_mqtt_transport_layer.c:306
#7 0x621475 in MQTTAsync_deliverMessage (/users/vincent/git/S2OPC_clone/build/bin/pubsub_server+0x621475)
#8 0x62179e in Protocol_processPublication (/users/vincent/git/S2OPC_clone/build/bin/pubsub_server+0x62179e)
#9 0x626cda in MQTTProtocol_handlePubrels (/users/vincent/git/S2OPC_clone/build/bin/pubsub_server+0x626cda)
#10 0x624a39 in MQTTAsync_cycle (/users/vincent/git/S2OPC_clone/build/bin/pubsub_server+0x624a39)
#11 0x61f9ab in MQTTAsync_receiveThread (/users/vincent/git/S2OPC_clone/build/bin/pubsub_server+0x61f9ab)
#12 0x7f3a77b16608 in start_thread /build/glibc-SzIz7B/glibc-2.31/nptl/pthread_create.c:477
#13 0x7f3a77c66132 in __clone (/lib/x86_64-linux-gnu/libc.so.6+0x11f132)
0x60c000000c98 is located 88 bytes inside of 128-byte region [0x60c000000c40,0x60c000000cc0)
freed by thread T0 here:
#0 0x492137 in __interceptor_free (/users/vincent/git/S2OPC_clone/build/bin/pubsub_server+0x492137)
#1 0x63e4ff in SOPC_Free /users/vincent/git/S2OPC_clone/src/Common/helpers_platform_dep/linux/p_sopc_mem_alloc.c:32
#2 0x4de48b in SOPC_PubSubConfiguration_Delete /users/vincent/git/S2OPC_clone/src/PubSub/common/sopc_pubsub_conf.c:296
#3 0x4dcca3 in free_global_configurations /users/vincent/git/S2OPC_clone/samples/PubSub_ClientServer/pubsub_server/pubsub.c:496
#4 0x4dc81b in PubSub_Configure /users/vincent/git/S2OPC_clone/samples/PubSub_ClientServer/pubsub_server/pubsub.c:328
#5 0x4d4e6d in main /users/vincent/git/S2OPC_clone/samples/PubSub_ClientServer/pubsub_server/main.c:208
#6 0x7f3a77b6b082 in __libc_start_main ../csu/libc-start.c:308
The configuration was the following:
<PubSub xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="s2opc_pubsub_config.xsd">
<!-- one to many -->
<connection address="mqtts://10.103.119.54:1883" mode="publisher" publisherId="i=42" mqttUsername="user1" mqttPassword="password">
<!-- one to many -->
<message groupId="14" groupVersion="1" publishingInterval="100." securityMode="signAndEncrypt">
<skserver endpointUrl="opc.tcp://10.103.119.54:4841" serverCertPath="./server_public/server_4k_cert.der" />
<dataset>
<!-- one to many -->
<variable nodeId="ns=1;s=PubBool" displayName="varBool" dataType="Boolean"/>
<variable nodeId="ns=1;s=PubString" displayName="varString" dataType="String"/>
<!-- the nodeId is used to retrieve the variable in the adresse space -->
</dataset>
</message>
<message groupId="15" groupVersion="1" publishingInterval="1000.">
<dataset>
<!-- one to many -->
<variable nodeId="ns=1;s=PubInt" displayName="varInt" dataType="Int64"/>
<variable nodeId="ns=1;s=PubUInt" displayName="varUInt" dataType="UInt64"/>
</dataset>
</message>
</connection>
<connection address="mqtts://10.103.119.54:1883" mode="subscriber" mqttUsername="user1" mqttPassword="password">
<message groupId="14" groupVersion="1" publishingInterval="100." publisherId="i=42" securityMode="signAndEncrypt">
<skserver endpointUrl="opc.tcp://10.103.119.54:4841" serverCertPath="./server_public/server_4k_cert.der" />
<dataset>
<variable nodeId="ns=1;s=SubBool" displayName="varBool" dataType="Boolean"/>
<variable nodeId="ns=1;s=SubString" displayName="varString" dataType="String"/>
</dataset>
</message>
<message groupId="15" groupVersion="1" publishingInterval="1000." publisherId="i=42">
<dataset>
<variable nodeId="ns=1;s=SubInt" displayName="varInt" dataType="Int64"/>
<variable nodeId="ns=1;s=SubUInt" displayName="varUInt" dataType="UInt64"/>
</dataset>
</message>
</connection>
</PubSub>