| Summary: | fcntl syscall wrapper is missing flock structure check | | |
|---|---|---|---|
| Product: | [Developer tools] valgrind | Reporter: | Ivo Raisr <ivosh> |
| Component: | general | Assignee: | Ivo Raisr <ivosh> |
| Status: | RESOLVED FIXED | | |
| Severity: | normal | CC: | ivosh |
| Priority: | NOR | | |
| Version First Reported In: | 3.13 SVN | | |
| Target Milestone: | --- | | |
| Platform: | Compiled Sources | | |
| OS: | Linux | | |
| Latest Commit: | | Version Fixed/Implemented In: | |
| Sentry Crash Report: | | | |
| Attachments: | the patch | | |
Syscall wrapper for fcntl() is missing checks on the flock structure. The following fcntl commands take 'struct flock' or 'struct flock64' as ARG3:

- F_GETLK, F_SETLK, VKI_F_SETLKW, VKI_F_OFD_GETLK, VKI_F_OFD_SETLK, F_OFD_SETLKW
- VKI_F_GETLK64, VKI_F_SETLK64, VKI_F_SETLKW64

The kernel fcntl implementation always reads the following fields of flock or flock64: l_type, l_whence, l_start, l_len. In case of F_GETLK, F_OFD_GETLK, and F_GETLK64, the field l_pid is going to be written. Therefore corresponding pre-field-read and post-field-write statements need to be in place.

Created attachment 104688
the patch

Regression testing on x86/Linux and amd64/Linux passed successfully. Fixed in SVN r16287.
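As an added illustration of the contract described above (example code written for this page, not valgrind's wrapper or the attached patch), the C program below fills exactly the four flock fields the kernel reads before calling F_SETLK/F_GETLK, and reads back l_pid, the one field F_GETLK writes; the names make_flock, lock_owner and demo are chosen for this example.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <signal.h>
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

/* Build a struct flock with exactly the fields the kernel reads set (l_type,
 * l_whence, l_start, l_len); padding and l_pid are zeroed, so no uninitialised
 * byte reaches fcntl() and a memcheck pre-field-read check stays quiet. */
static struct flock make_flock(short type, off_t start, off_t len)
{
    struct flock lk;
    memset(&lk, 0, sizeof lk);
    lk.l_type   = type;        /* F_RDLCK, F_WRLCK or F_UNLCK */
    lk.l_whence = SEEK_SET;
    lk.l_start  = start;
    lk.l_len    = len;         /* 0 means "to end of file" */
    return lk;
}

/* Probe [start, start+len) for a lock that would block a write lock.
 * Returns 0 if the range is free, -1 on error, otherwise the pid the
 * kernel wrote into l_pid (the one field F_GETLK fills in). */
static pid_t lock_owner(int fd, off_t start, off_t len)
{
    struct flock lk = make_flock(F_WRLCK, start, len);
    if (fcntl(fd, F_GETLK, &lk) == -1) return -1;
    return lk.l_type == F_UNLCK ? 0 : lk.l_pid;
}

/* A child takes a write lock on bytes 0-9 of a temp file; the parent's
 * F_GETLK must then report that child's pid. Returns 1 on success. */
static int demo(void)
{
    FILE *f = tmpfile(); int fd = f ? fileno(f) : -1, pfd[2]; char c;
    if (fd == -1 || pipe(pfd) == -1) return 0;
    pid_t child = fork();
    if (child == 0) {                        /* child: lock, notify, wait */
        struct flock lk = make_flock(F_WRLCK, 0, 10);
        fcntl(fd, F_SETLK, &lk);             /* POSIX locks are owned per process */
        if (write(pfd[1], "L", 1) != 1) _exit(1);
        pause(); _exit(0);
    }
    if (read(pfd[0], &c, 1) != 1) return 0;  /* wait until the lock is held */
    pid_t owner = lock_owner(fd, 0, 10);     /* l_pid as written by the kernel */
    kill(child, SIGTERM); waitpid(child, NULL, 0);
    return owner > 0 && owner == child;
}
```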