Bug 377930 - fcntl syscall wrapper is missing flock structure check
Summary: fcntl syscall wrapper is missing flock structure check
Status: RESOLVED FIXED
Alias: None
Product: valgrind
Classification: Developer tools
Component: general
Version: 3.13 SVN
Platform: Compiled Sources Linux
Importance: NOR normal
Target Milestone: ---
Assignee: Ivo Raisr
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-03-22 14:43 UTC by Ivo Raisr
Modified: 2017-03-27 05:06 UTC

See Also:
Latest Commit:
Version Fixed In:


Attachments
the patch (6.52 KB, patch)
2017-03-22 14:45 UTC, Ivo Raisr

Description Ivo Raisr 2017-03-22 14:43:28 UTC
Syscall wrapper for fcntl() is missing checks on flock structure.

The following fcntl commands take 'struct flock' or 'struct flock64' as ARG3:
- F_GETLK, F_SETLK, VKI_F_SETLKW, VKI_F_OFD_GETLK, VKI_F_OFD_SETLK, F_OFD_SETLKW
- VKI_F_GETLK64, VKI_F_SETLK64, VKI_F_SETLKW64

The kernel fcntl implementation always reads the following fields of flock or flock64: l_type, l_whence, l_start, l_len.
In case of F_GETLK, F_OFD_GETLK, and F_GETLK64, field l_pid is going to be written.

Therefore corresponding pre-field-read and post-field-write statements need to be in place.
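The read/write pattern described in the report, shown from user space as an added example (this is not code from the bug report, the patch, or Valgrind itself; the function names demo_flock_roundtrip and probe_lock_from_child and the /tmp file name are assumptions made here). A parent process takes a write lock on the first 10 bytes of a temporary file with F_SETLK, then a forked child probes the same range with F_GETLK. The child initialises only l_type, l_whence, l_start and l_len, the four fields the kernel reads, and leaves l_pid untouched, because F_GETLK writes it. Under a Memcheck whose fcntl wrapper carries the pre-field-read and post-field-write annotations, leaving one of the four input fields uninitialised would be reported at the syscall, while reading l_pid after F_GETLK returns is treated as defined.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Probe bytes 0..9 of `path` from a second process with F_GETLK.
 * Returns 0 when the kernel reports a conflicting F_WRLCK held by `owner`,
 * otherwise a small non-zero code describing what went wrong. */
static int probe_lock_from_child(const char *path, pid_t owner)
{
    int fd = open(path, O_RDWR);
    if (fd < 0)
        return 10;

    struct flock probe;
    /* Only the fields the kernel reads are initialised on purpose;
     * l_pid is deliberately left unset and is written by F_GETLK. */
    probe.l_type   = F_WRLCK;
    probe.l_whence = SEEK_SET;
    probe.l_start  = 0;
    probe.l_len    = 10;

    int rc = fcntl(fd, F_GETLK, &probe);
    close(fd);
    if (rc != 0)
        return 11;

    if (probe.l_type != F_WRLCK)
        return 12;              /* no conflicting lock was found */
    if (probe.l_pid != owner)   /* l_pid was filled in by the kernel */
        return 13;              /* holder is not the expected process */
    return 0;
}

/* Create a temporary file (constructed sample input), lock its first
 * 10 bytes with F_SETLK, then fork a child that probes the range.
 * Returns the child's result code: 0 on success. */
int demo_flock_roundtrip(void)
{
    char path[] = "/tmp/flock-demo-XXXXXX";   /* assumed location */
    int fd = mkstemp(path);
    if (fd < 0)
        return 1;
    if (write(fd, "0123456789abcdef", 16) != 16) {
        close(fd); unlink(path); return 2;
    }

    struct flock lk;
    memset(&lk, 0, sizeof lk);   /* every field defined before F_SETLK */
    lk.l_type   = F_WRLCK;
    lk.l_whence = SEEK_SET;
    lk.l_start  = 0;
    lk.l_len    = 10;
    if (fcntl(fd, F_SETLK, &lk) != 0) {
        close(fd); unlink(path); return 3;
    }

    pid_t child = fork();
    if (child < 0) {
        close(fd); unlink(path); return 4;
    }
    if (child == 0)
        _exit(probe_lock_from_child(path, getppid()));

    int status = 0;
    int rc = 5;
    if (waitpid(child, &status, 0) == child)
        rc = WIFEXITED(status) ? WEXITSTATUS(status) : 6;

    close(fd);      /* closing the descriptor releases the record lock */
    unlink(path);
    return rc;
}

int main(void)
{
    int rc = demo_flock_roundtrip();
    printf("flock round trip: %s (code %d)\n", rc == 0 ? "ok" : "failed", rc);
    return rc;
}
```

The probe is done from a child rather than the parent because POSIX record locks are owned per process: an F_GETLK issued by the lock holder itself reports F_UNLCK, so the l_pid write would never be exercised. Running the binary under Memcheck before and after the wrapper change is the practical way to confirm that the four input fields are checked and that the l_pid comparison does not trigger a use-of-uninitialised-value report.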
Comment 1 Ivo Raisr 2017-03-22 14:45:44 UTC
Created attachment 104688 [details]
the patch
Comment 2 Ivo Raisr 2017-03-22 15:11:23 UTC
Regression testing on x86/Linux and amd64/Linux passed successfully.
Comment 3 Ivo Raisr 2017-03-27 05:06:59 UTC
Fixed in SVN r16287.