Variable corruption when using ioctl?

Ruby
#1

I’m attempting to read the address assigned to an interface. After
calling ioctl(SIOCGIFADDR) - which is 0x8915 on my system - I find
that the destination buffer is corrupted and contains random garbage.
Here I do this twice, with different results:

irb(main):008:0> buf = [‘eth0’,’’].pack(‘a16h16’)
=>
“eth0\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000”
irb(main):009:0> s.ioctl(0x8915, buf)
=> 0
irb(main):010:0> buf
=>
“eth0\000\000\000\000\000\000\000\000\000\000\000\000\002\000\000\000\300\250\n\020\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\211\000\000\000\230n\b\b\370D\352\267Keiju
ISHITSUKA([email protected])\n\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\021”
irb(main):011:0>

irb(main):025:0> buf = [‘eth0’,’’].pack(‘a16h16’)
=>
“eth0\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000”
irb(main):026:0> s.ioctl(0x8915, buf)
=> 0
irb(main):027:0> buf
=>
"eth0\000\000\000\000\000\000\000\000\000\000\000\000\002\000\000\000\300\250\n\020\000\000\000\000\000\000\000\000\230\025\016\b\370D\352\267
:op\n\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\251\002\000\000\300\035\n\b\370D\352\267ex_state

EXPR_BEG\n\000*rest)\n\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\000\021"
irb(main):028:0>

Is this a bug?

I’m using irb / Ruby 1.8.2-1 on Debian Etch.

#2

A Sussex wrote:

I’m attempting to read the address assigned to an interface. After
calling ioctl(SIOCGIFADDR) - which is 0x8915 on my system - I find
that the destination buffer is corrupted and contains random garbage.

Well, on linux it can’t know the size of the argument given to
ioctl(2) and for this reason it give it to ioctl() an argument with
a default length of (256 + 1). This is why you see that buf has a
size of 257 after the call to #ioctl.

You must use only the valid part of buf after the call.

Guy Decoux

#3

Guy Decoux wrote:

You must use only the valid part of buf after the call.
So I guess I’m seeing bits of irb’s memory because the extended part
of buf isn’t initialised before use. (Please correct me if I’m wrong.)

Thanks for your help.