| Summary: | syscall wrapper for prctl(PR_SET_NAME) must not check more than 16 bytes | | |
|---|---|---|---|
| Product: | [Developer tools] valgrind | Reporter: | Peter (Stig) Edwards <thatsafunnyname.ra7qa> |
| Component: | memcheck | Assignee: | Ivo Raisr <ivosh> |
| Status: | ASSIGNED | | |
| Severity: | minor | CC: | ivosh |
| Priority: | NOR | | |
| Version: | 3.12.0 | | |
| Target Milestone: | --- | | |
| Platform: | RedHat Enterprise Linux | | |
| OS: | Linux | | |
| Latest Commit: | | Version Fixed In: | |

Attachments:

- A hack of a patch that just duplicates the asciiz func with a _limit_len version.
- patch utilizing VG_(strnlen) function
- patch utilizing VG_(strnlen) function II.
- patch utilizing VG_(strnlen) and VG_(strlcpy) functions III.
Description

Peter (Stig) Edwards, 2017-04-21 12:55:12 UTC

Ivo Raisr:

Yes, indeed. Kernel takes care to copy TASK_COMM_LEN at max. Please could you supply a patch with the fix?

Peter (Stig) Edwards:

(In reply to Ivo Raisr from comment #1)
> Yes, indeed. Kernel takes care to copy TASK_COMM_LEN at max.
> Please could you supply a patch with the fix?

Thank you for the quick response. I did look to see if I could find a quick fix. I was looking for an *asciiz function in memcheck/mc_main.c that could take a length limit so that I could pass TASK_COMM_LEN to it. I did not find one. I thought it might be possible, in the VKI_PR_SET_NAME case of coregrind/m_syswrap/syswrap-linux.c::PRE(sys_prctl), to change PRE_MEM_RASCIIZ to a strnlen call with TASK_COMM_LEN and then call PRE_MEM_READ with the size. I am not familiar with the valgrind codebase and I do not currently have time to work on a patch for this.

Ivo Raisr:

Alright, I will prepare a patch myself together with a fix for a small problem in the rt_sigsuspend syscall wrapper.

Peter (Stig) Edwards:

Created attachment 105142 [details]
A hack of a patch that just duplicates the asciiz func with a _limit_len version.

A proper fix would avoid the duplication of code. Probably not that useful.

Ivo Raisr:

Created attachment 105145 [details]
patch utilizing VG_(strnlen) function

Based on your comment #2, I prepared a patch myself. Compared to yours, it uses a completely different approach. I will defer to the community to judge which one suits better.

Peter (Stig) Edwards:

Thank you very much for the patch; I built and tested it and it works as expected. For the changes in coregrind/m_syswrap/syswrap-linux.c, I was thinking it might be better to use VKI_TASK_COMM_LEN (as defined in include/vki/vki-linux.h) and not 16.

Ivo Raisr:

Created attachment 105170 [details]
patch utilizing VG_(strnlen) function II.

Good point. I've modified my patch to use VKI_TASK_COMM_LEN.

Ivo Raisr:

Created attachment 105178 [details]
patch utilizing VG_(strnlen) and VG_(strlcpy) functions III.

Modified the previous patch slightly based on a comment by Matthias Schwarzott. The POST(sys_prctl) syscall wrapper needs to take into account that ARG2 might not be nul-terminated.

Ivo Raisr:

First part committed in SVN r16314.
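As an added illustration (not one of the attached patches and not valgrind's code), the following C model contrasts the unbounded NUL-terminated-string check that produced the spurious error with a check bounded by VKI_TASK_COMM_LEN, next to the kernel's own bounded copy of the name. The addressability map, the `comm_arg` type and the constructed 16-byte unterminated name are assumptions made for the example.

```c
#include <stdbool.h>
#include <stddef.h>
#include <string.h>

/* TASK_COMM_LEN in the Linux kernel, VKI_TASK_COMM_LEN in valgrind's vki headers. */
#define VKI_TASK_COMM_LEN 16

/* Constructed stand-in for memcheck's addressability map: only the bytes at
 * offsets [0, defined_len) of the PR_SET_NAME argument are valid to read. */
typedef struct {
    const char *base;         /* ARG2 of prctl(PR_SET_NAME) */
    size_t      defined_len;  /* bytes the program actually owns */
} comm_arg;

/* Model of the old PRE_MEM_RASCIIZ check: walk to the first NUL with no upper
 * bound. Returns the number of bytes examined; *bad is set when the walk left
 * the defined region, which is the spurious error the report describes. */
static size_t check_asciiz_unbounded(const comm_arg *a, bool *bad) {
    size_t n = 0;
    while (a->base[n] != '\0') n++;
    n++;                                   /* the terminating NUL is read too */
    *bad = n > a->defined_len;
    return n;
}

/* Model of the fixed check: never look past VKI_TASK_COMM_LEN bytes, but still
 * stop early at a NUL, matching what the kernel's bounded copy reads. */
static size_t check_asciiz_bounded(const comm_arg *a, bool *bad) {
    size_t n = 0;
    while (n < VKI_TASK_COMM_LEN && a->base[n] != '\0') n++;
    if (n < VKI_TASK_COMM_LEN) n++;        /* NUL found inside the window */
    *bad = n > a->defined_len;
    return n;
}

/* What the kernel does with the argument: copy at most TASK_COMM_LEN-1 bytes
 * and always NUL-terminate comm, so an unterminated 16-byte name is legal. */
static void kernel_set_comm(char comm[VKI_TASK_COMM_LEN], const char *src) {
    size_t i = 0;
    while (i < VKI_TASK_COMM_LEN - 1 && src[i] != '\0') { comm[i] = src[i]; i++; }
    comm[i] = '\0';
}

/* Constructed scenario: a 16-byte name with no terminator (the program's whole
 * buffer), followed by bytes it never initialised and a NUL only at offset 20. */
static char backing[32] = "0123456789abcdef" "zzzz";
static const comm_arg unterminated_name = { backing, VKI_TASK_COMM_LEN };
```

Run over `unterminated_name`, the unbounded check reports a read past the 16 owned bytes while the bounded check stays inside them, which is the behaviour change the patches make.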