From: Eugene Syromyatnikov <evgsyr-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: strace-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Cc: dm-devel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
	mpatocka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org
Subject: [PATCH 03/21] tests: Working around bounds check
Date: Sun, 9 Oct 2016 16:28:48 +0300	[thread overview]
Message-ID: <20161009132848.GA2046@obsidian> (raw)
In-Reply-To: <20161005.192828.566127461630656590.yamato-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>

When building with -Wp,-D_FORTIFY_SOURCE=2, the compiler produces the
following warning:

In file included from /usr/include/string.h:638:0,
                 from ioctl_dm.c:4:
In function ‘strcpy’,
    inlined from ‘main’ at ioctl_dm.c:57:8:
/usr/include/bits/string3.h:104:3: warning: call to __builtin___strcpy_chk will always overflow destination buffer [enabled by default]
   return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
   ^

And later it aborts:

[  200s] FAIL: ioctl_dm
[  200s] ==============
[  200s]
[  200s] + ../strace -V
[  200s] + TIMEOUT='timeout -s 9 60'
[  200s] + timeout -s 9 60 true
[  200s] + exec timeout -s 9 60 ./ioctl_dm.test
[  200s] + run_prog
[  200s] + '[' 0 -eq 0 ']'
[  200s] + set -- ./ioctl_dm
[  200s] + args=./ioctl_dm
[  200s] + ./ioctl_dm
[  200s] *** buffer overflow detected ***: ./ioctl_dm terminated
[  200s] ======= Backtrace: =========
[  200s] /lib64/libc.so.6(__fortify_fail+0x37)[0x7fbc8fa1acb7]
[  200s] /lib64/libc.so.6(+0x10be80)[0x7fbc8fa18e80]
[  200s] ./ioctl_dm[0x400616]
[  200s] /lib64/libc.so.6(__libc_start_main+0xf5)[0x7fbc8f92eaf5]
[  200s] ./ioctl_dm[0x400739]
[  200s] ======= Memory map: ========
[  200s] 00400000-00401000 r-xp 00000000 08:00 84792                              /home/abuild/rpmbuild/BUILD/strace-4.13.0.260.af086/tests/ioctl_dm
[  200s] 00601000-00602000 r--p 00001000 08:00 84792                              /home/abuild/rpmbuild/BUILD/strace-4.13.0.260.af086/tests/ioctl_dm
[  200s] 00602000-00603000 rw-p 00002000 08:00 84792                              /home/abuild/rpmbuild/BUILD/strace-4.13.0.260.af086/tests/ioctl_dm
[  200s] 02244000-02265000 rw-p 00000000 00:00 0                                  [heap]
[  200s] 7fbc8f6f5000-7fbc8f70a000 r-xp 00000000 08:00 131341                     /usr/lib64/libgcc_s-4.8.2-20140120.so.1
[  200s] 7fbc8f70a000-7fbc8f909000 ---p 00015000 08:00 131341                     /usr/lib64/libgcc_s-4.8.2-20140120.so.1
[  200s] 7fbc8f909000-7fbc8f90a000 r--p 00014000 08:00 131341                     /usr/lib64/libgcc_s-4.8.2-20140120.so.1
[  200s] 7fbc8f90a000-7fbc8f90b000 rw-p 00015000 08:00 131341                     /usr/lib64/libgcc_s-4.8.2-20140120.so.1
[  200s] 7fbc8f90d000-7fbc8fac3000 r-xp 00000000 08:00 131350                     /usr/lib64/libc-2.17.so
[  200s] 7fbc8fac3000-7fbc8fcc3000 ---p 001b6000 08:00 131350                     /usr/lib64/libc-2.17.so
[  200s] 7fbc8fcc3000-7fbc8fcc7000 r--p 001b6000 08:00 131350                     /usr/lib64/libc-2.17.so
[  200s] 7fbc8fcc7000-7fbc8fcc9000 rw-p 001ba000 08:00 131350                     /usr/lib64/libc-2.17.so
[  200s] 7fbc8fcc9000-7fbc8fcce000 rw-p 00000000 00:00 0
[  200s] 7fbc8fcd5000-7fbc8fcf6000 r-xp 00000000 08:00 131343                     /usr/lib64/ld-2.17.so
[  200s] 7fbc8fef1000-7fbc8fef5000 rw-p 00000000 00:00 0
[  200s] 7fbc8fef5000-7fbc8fef6000 r--p 00020000 08:00 131343                     /usr/lib64/ld-2.17.so
[  200s] 7fbc8fef6000-7fbc8fef7000 rw-p 00021000 08:00 131343                     /usr/lib64/ld-2.17.so
[  200s] 7fbc8fef7000-7fbc8fef9000 rw-p 00000000 00:00 0
[  200s] 7ffe9b7e3000-7ffe9b806000 rw-p 00000000 00:00 0                          [stack]
[  200s] 7ffe9b84d000-7ffe9b84f000 r--p 00000000 00:00 0                          [vvar]
[  200s] 7ffe9b84f000-7ffe9b851000 r-xp 00000000 00:00 0                          [vdso]
[  200s] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0                  [vsyscall]
[  200s] ./init.sh: line 53: 15162 Aborted                 "$@"
[  200s] + rc=134
[  200s] + '[' 134 -eq 77 ']'
[  200s] + fail_ './ioctl_dm failed with code 134'
[  200s] + warn_ 'ioctl_dm.test: failed test: ./ioctl_dm failed with code 134'
[  200s] + printf '%s\n' 'ioctl_dm.test: failed test: ./ioctl_dm failed with code 134'
[  200s] ioctl_dm.test: failed test: ./ioctl_dm failed with code 134
[  200s] + exit 1

It is due to the fact that the message field is a 0-element array. Worked around
by copying to the string field with the appropriate offset.
---
 tests/ioctl_dm.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tests/ioctl_dm.c b/tests/ioctl_dm.c
index a5945ae..cb6dd97 100644
--- a/tests/ioctl_dm.c
+++ b/tests/ioctl_dm.c
@@ -64,7 +64,8 @@ main(void)
 
 	init_s();
 	s.u.tm.target_msg.sector = 0x1234;
-	strcpy(s.u.tm.target_msg.message, "tmsg");
+	strcpy(s.u.string + offsetof(struct dm_target_msg, message),
+		"tmsg");
 	ioctl(-1, DM_TARGET_MSG, &s);
 	printf("ioctl(-1, DM_TARGET_MSG, "
 	       "{version=4.1.2, dev=makedev(18, 52), name=\"nnn\", "
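Review bot: `offsetof` requires `<stddef.h>`, and this hunk does not show an include being added; the warning trace above only shows `<string.h>` being pulled in at ioctl_dm.c:4, so confirm the header is already included (string.h does not provide `offsetof`). Separately, writing through `s.u.string + offsetof(struct dm_target_msg, message)` removes the `__builtin___strcpy_chk` check rather than satisfying it, so the test now silently relies on `sizeof(s.u.string)` being at least that offset plus `sizeof("tmsg")`; a one-line comment explaining why the copy goes through `s.u.string`, plus a compile-time or explicit size check against `sizeof(s.u.string)`, would keep that assumption visible.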
-- 
1.7.10.4


_______________________________________________
Strace-devel mailing list
Strace-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/strace-devel
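The layout the commit message describes, as an added example that is not strace's code: a struct whose last member is a zero-length array, placed inside a union next to a flat character buffer. `set_target_msg` copies through the sibling `string` member with `offsetof`, as the patch does, but adds the explicit room check that bypassing `__builtin___strcpy_chk` gives up, and `get_target_msg` reads the bytes back through the struct view to show both views alias the same storage. Field names `sector`, `message` and `string` follow the diff; `struct dm_target_msg_like`, `union payload`, `DATA_SIZE` and the 64-byte buffer are assumptions made for this example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for the strace test's layout. The zero-length
 * trailing array is what makes the fortified strcpy see a 0-byte
 * destination; the union's string member is the storage that actually
 * follows it. Sizes here are assumptions for this example. */
struct dm_target_msg_like {
	uint64_t sector;
	char message[0];	/* zero-length trailing array, as in the log */
};

#define DATA_SIZE 64		/* assumed size of the union's string member */

union payload {
	struct dm_target_msg_like target_msg;
	char string[DATA_SIZE];
};

/* Bytes available for the message once the fixed part of target_msg
 * has been accounted for. */
size_t message_room(void)
{
	return sizeof(((union payload *)0)->string)
	       - offsetof(struct dm_target_msg_like, message);
}

/* Copy msg into payload->target_msg.message via the sibling union
 * member, as the patch does, with the bounds check the compiler can no
 * longer perform. Returns 0 on success, -1 if msg does not fit. */
int set_target_msg(union payload *p, uint64_t sector, const char *msg)
{
	size_t off = offsetof(struct dm_target_msg_like, message);
	size_t len = strlen(msg);

	if (len + 1 > message_room())
		return -1;
	memset(p, 0, sizeof(*p));
	p->target_msg.sector = sector;
	memcpy(p->string + off, msg, len + 1);
	return 0;
}

/* Read the message back through the struct view. The union's storage
 * extends past the zero-length array, so the access is in bounds. */
const char *get_target_msg(const union payload *p)
{
	return p->target_msg.message;
}

/* Try a constructed message of len 'a' characters; returns what
 * set_target_msg returns, or -2 if len itself exceeds the buffer. */
int try_message_len(size_t len)
{
	union payload p;
	char buf[DATA_SIZE + 1];

	if (len > DATA_SIZE)
		return -2;
	memset(buf, 'a', len);
	buf[len] = '\0';
	return set_target_msg(&p, 1, buf);
}

int main(void)
{
	union payload p;
	size_t off = offsetof(struct dm_target_msg_like, message);

	if (set_target_msg(&p, 0x1234, "tmsg") != 0)
		return 1;
	printf("sector=%#llx message=\"%s\" (room=%zu bytes)\n",
	       (unsigned long long)p.target_msg.sector,
	       get_target_msg(&p), message_room());
#if defined(__GNUC__)
	/* What the fortify wrappers compare against: type-1 object size of
	 * each destination expression. (size_t)-1 means "unknown". */
	printf("bos(target_msg.message, 1) = %zu\n",
	       (size_t)__builtin_object_size(p.target_msg.message, 1));
	printf("bos(string + off, 1)       = %zu\n",
	       (size_t)__builtin_object_size(p.string + off, 1));
#endif
	return 0;
}
```

The `__builtin_object_size` lines are only informative: the first is the size `__builtin___strcpy_chk` used when it reported that the copy would always overflow, and the second is what the compiler can or cannot infer for the pointer the patch copies through; without optimization the latter is typically reported as unknown, which is why the workaround compiles cleanly but also why the explicit check in `set_target_msg` is worth keeping.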

Thread overview: 41+ messages
     [not found] <alpine.LRH.2.02.1608221155410.17400@file01.intranet.prod.int.rdu2.redhat.com>
     [not found] ` <20160822170920.GA5147@altlinux.org>
     [not found]   ` <alpine.LRH.2.02.1608231303510.7049@file01.intranet.prod.int.rdu2.redhat.com>
     [not found]     ` <20160824.233543.198328104871315294.yamato@redhat.com>
     [not found]       ` <20160824.233543.198328104871315294.yamato-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-08-25 12:27         ` [PATCH] Re: your dm patch for strace Mikulas Patocka
     [not found]           ` <alpine.LRH.2.02.1608250823130.24332-Hpncn10jQN4oNljnaZt3ZvA+iT7yCHsGwRM8/txMwJMAicBL8TP8PQ@public.gmane.org>
2016-09-12 17:10             ` Dmitry V. Levin
     [not found]               ` <20160912171029.GA5263-u2l5PoMzF/Vg9hUCZPvPmw@public.gmane.org>
2016-10-02 21:59                 ` Mikulas Patocka
     [not found]                   ` <alpine.LRH.2.02.1610021751280.29417-Hpncn10jQN4oNljnaZt3ZvA+iT7yCHsGwRM8/txMwJMAicBL8TP8PQ@public.gmane.org>
2016-10-05 10:28                     ` Masatake YAMATO
     [not found]                       ` <20161005.192828.566127461630656590.yamato-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
2016-10-09 13:27                         ` [PATCH 00/21] Some possible additions to the DM ioctl " Eugene Syromyatnikov
2016-10-09 13:28                         ` [PATCH 01/21] tests/ioctl_dm: Formatting Eugene Syromyatnikov
2016-10-09 13:28                         ` [PATCH 02/21] dm: whitespace fixes Eugene Syromyatnikov
2016-10-09 13:28                         ` Eugene Syromyatnikov [this message]
2016-10-09 13:28                         ` [PATCH 04/21] dm: Minor output tweaks Eugene Syromyatnikov
2016-10-09 13:29                         ` [PATCH 05/21] xlat: Add values for dm_flags Eugene Syromyatnikov
2016-10-09 13:29                         ` [PATCH 06/21] dm: Some future-proofing by means of compile-time DM_VERSION_MAJOR check Eugene Syromyatnikov
2016-10-09 13:29                         ` [PATCH 07/21] dm: Add definitions for ioctl commands not implemented initially Eugene Syromyatnikov
2016-10-09 13:30                         ` [PATCH 08/21] dm: Use static constants for offset sizes Eugene Syromyatnikov
2016-10-09 13:30                         ` [PATCH 09/21] dm: Remove char * cast Eugene Syromyatnikov
2016-10-09 13:30                         ` [PATCH 10/21] dm: use => instead of , for splitting output structure from input Eugene Syromyatnikov
2016-10-09 13:30                         ` [PATCH 11/21] dm: Compare entering field values with exiting ones Eugene Syromyatnikov
2016-10-09 13:30                         ` [PATCH 12/21] dm: Add inttypes.h, include reorder Eugene Syromyatnikov
2016-10-09 13:30                         ` [PATCH 13/21] dm: Move printing of dm_ioctl fields before allocation of extra data Eugene Syromyatnikov
2016-10-09 13:30                         ` [PATCH 14/21] dm: replace abbrev branching with goto Eugene Syromyatnikov
2016-10-09 13:31                         ` [PATCH 15/21] dm: Additional data_size/data_start checks Eugene Syromyatnikov
2016-10-09 13:31                         ` [PATCH 16/21] dm: Add comment regarding intended fall-through in switch statement Eugene Syromyatnikov
2016-10-09 13:31                         ` [PATCH 17/21] dm: Add data_size and data_offset fields to output Eugene Syromyatnikov
2016-10-09 13:31                         ` [PATCH 18/21] tests/ioctl_dm: Allow passing size and data_start to init_s Eugene Syromyatnikov
2016-10-09 13:31                         ` [PATCH 19/21] dm: Add check whether command uses parameters Eugene Syromyatnikov
2016-10-09 13:31                         ` [PATCH 20/21] dm: Fix printing of version field Eugene Syromyatnikov
2016-10-09 13:31                         ` [PATCH 21/21] dm: rewrite structure decoding Eugene Syromyatnikov
2016-10-10 10:27                         ` [PATCH] Re: your dm patch for strace Mikulas Patocka
2016-10-11 22:38                         ` [PATCH 0/9] Additional checks for strace DM ioctl decoder test Eugene Syromyatnikov
2016-10-19 20:31                           ` [PATCH] device mapper ioctl Mikulas Patocka
     [not found]                             ` <alpine.LRH.2.02.1610191626360.628-Hpncn10jQN4oNljnaZt3ZvA+iT7yCHsGwRM8/txMwJMAicBL8TP8PQ@public.gmane.org>
2016-11-10 21:01                               ` Eugene Syromyatnikov
     [not found]                                 ` <CACGkJdts9AKHnXb+b6J2kfpDNZJZW12WaNaYukrA11PHtAydag-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
2016-11-11  3:13                                   ` Masatake YAMATO
2016-10-11 22:38                         ` [PATCH 1/9] util: Add support for QUOTE_0_TERMINATED in user_style to ptrintstr_ex Eugene Syromyatnikov
2016-10-11 22:38                         ` [PATCH 2/9] tests: Add check for printing of overlength strings to ioctl_dm test Eugene Syromyatnikov
2016-10-11 22:38                         ` [PATCH 3/9] tests: Add check for presence of HAVE_LINUX_DM_IOCTL_H macro definition " Eugene Syromyatnikov
2016-10-11 22:38                         ` [PATCH 4/9] tests/ioctl_dm: whitespace Eugene Syromyatnikov
2016-10-11 22:38                         ` [PATCH 5/9] dm: Fix comma printing for the case when dm_target_msg structure is inaccessible Eugene Syromyatnikov
2016-10-11 22:39                         ` [PATCH 6/9] tests/ioctl_dm: overly long string printing checks Eugene Syromyatnikov
2016-10-11 22:39                         ` [PATCH 7/9] tests: Some additional checks for ioctl_dm test Eugene Syromyatnikov
2016-10-11 22:39                         ` [PATCH 8/9] tests: Add ioctl_dm to .gitignore Eugene Syromyatnikov
2016-10-11 22:39                         ` [PATCH 9/9] tests: Add checks for abbreviated DM ioctl output Eugene Syromyatnikov
2016-10-08 17:45                   ` [PATCH] Re: your dm patch for strace Eugene Syromyatnikov
