From: Nick Alcock <nick.alcock@oracle.com>
To: Kris Van Hees <kris.van.hees@oracle.com>
Cc: dtrace@lists.linux.dev, dtrace-devel@oss.oracle.com, sam@gentoo.org
Subject: Re: [PATCH 05/14] probe: get the size of the hash-lookup key right
Date: Mon, 28 Oct 2024 17:14:24 +0000
Message-ID: <87plnkqhe7.fsf@esperi.org.uk>
In-Reply-To: <ZxsFFkZt2Gzgrspz@kvh-deb-bpf.us.oracle.com> (Kris Van Hees's message of "Thu, 24 Oct 2024 22:40:22 -0400")

On 25 Oct 2024, Kris Van Hees stated:

> On Thu, Oct 24, 2024 at 12:37:49PM +0100, Nick Alcock wrote:
>> This was allocated with alloca() but then snprintf()ed with a size of
>> INT_MAX. This makes _FORTIFY_SOURCE rightly unhappy.
>>
>> Passing in the size we actually allocated is trivial.
>
> Except for the fact that dt_probe_keylen() and dt_probe_key() are only
> ever used from dt_probe_lookup2(). So, getting rid of those two functions
> and rewriting the call as shown below seems to be a much better fix.

Yeah. I assumed you wanted to keep the alloca() for some reason, but if
you don't (and it seems to be not incredibly helpful), then I agree.

>> Signed-off-by: Nick Alcock <nick.alcock@oracle.com>
>> Bug: https://github.com/oracle/dtrace-utils/issues/78
>> ---
>> libdtrace/dt_probe.c | 6 +++---
>> 1 file changed, 3 insertions(+), 3 deletions(-)
>>
>> diff --git a/libdtrace/dt_probe.c b/libdtrace/dt_probe.c
>> index 686e2a661253..bb1773ee60d4 100644
>> --- a/libdtrace/dt_probe.c
>> +++ b/libdtrace/dt_probe.c
>> @@ -180,9 +180,9 @@ dt_probe_keylen(const dtrace_probedesc_t *pdp)
>> }
>>
>> static char *
>> -dt_probe_key(const dtrace_probedesc_t *pdp, char *s)
>> +dt_probe_key(const dtrace_probedesc_t *pdp, char *s, size_t len)
>> {
>> - snprintf(s, INT_MAX, "%s:%s:%s", pdp->mod, pdp->fun, pdp->prb);
>> + snprintf(s, len, "%s:%s:%s", pdp->mod, pdp->fun, pdp->prb);
>> return s;
>> }
>>
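
Review bot: dt_probe_key() still discards the snprintf() return value, so with the write now bounded by len, a key that does not fit is truncated silently and returned as if complete, and the caller then does its hash lookup on the shortened key. Check the result (negative, or >= len) and return NULL in that case, or at least document that len must be the dt_probe_keylen() value for the same probe description.
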
>> @@ -204,7 +204,7 @@ dt_probe_lookup2(dt_provider_t *pvp, const char *s)
>> return NULL; /* dt_errno is set for us */
>>
>> keylen = dt_probe_keylen(&pd);
>> - key = dt_probe_key(&pd, alloca(keylen));
>> + key = dt_probe_key(&pd, alloca(keylen), keylen);
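
Review bot: In dt_probe_lookup2() the buffer is still alloca(keylen), a stack allocation whose size comes from the parsed probe description, with no upper bound visible in this hunk and no way to detect failure. The size is also computed in dt_probe_keylen() while the "%s:%s:%s" format lives in dt_probe_key(), so the two can drift apart; building the key in one place with a checked heap allocation removes both concerns.
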
>
> Better would be:
>
> 	if (asprintf(&key, "%s:%s:%s", pdp->mod, pdp->fun, pdp->prb) == -1) {
> 		dt_set_errno(dtp, errno);
> 		return NULL;
> 	}

Went from that into a minor can of worms: the entire function is rusted
kernel-dtrace-era stuff, from a header comment that talks about caching
and interrogation of the kernel that the function never does, through a
probedesc that is always leaked, errno checks that succeed only randomly
(checking errno but no longer doing so after a function that can set
errno on failure, so basically random) which leads to the wrong error
return almost all the time...

... I think my latest version fixes all those problems (more description
in its commit comment, forthcoming). Any problems in this one will likely
be uncovered by the pre-release valgrind run! but I'll do a full make
check before mailing the series out again anyway.

--
NULL && (void)
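
The two ways of sizing the key discussed in this thread (passing snprintf() the size actually allocated, or letting the formatter determine the size), written out as an added example; it is not code from the thread or from dtrace-utils. `struct probedesc`, `probe_key()` and `probe_key_alloc()` are hypothetical names, and a measure-then-malloc snprintf() pair stands in for asprintf() to stay within standard C.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical stand-in for dtrace_probedesc_t: only the three fields
 * that appear in the key format quoted in the thread are modelled. */
struct probedesc {
	const char *mod, *fun, *prb;
};

/* Format "mod:fun:prb" into buf, which holds exactly len bytes.
 * Returns 0 on success, -1 on a formatting error or if the key did not
 * fit (snprintf() reports the length it wanted, not what it wrote). */
static int probe_key(const struct probedesc *pdp, char *buf, size_t len)
{
	int n = snprintf(buf, len, "%s:%s:%s", pdp->mod, pdp->fun, pdp->prb);

	return (n < 0 || (size_t)n >= len) ? -1 : 0;
}

/* Heap variant: measure with a zero-size snprintf(), then allocate that
 * much.  Portable substitute for asprintf(); caller frees, NULL on error. */
static char *probe_key_alloc(const struct probedesc *pdp)
{
	int n = snprintf(NULL, 0, "%s:%s:%s", pdp->mod, pdp->fun, pdp->prb);
	char *key;

	if (n < 0 || (key = malloc((size_t)n + 1)) == NULL)
		return NULL;
	if (probe_key(pdp, key, (size_t)n + 1) != 0) {
		free(key);
		return NULL;
	}
	return key;
}

int main(void)
{
	/* Constructed sample probe description, not taken from the thread. */
	struct probedesc pd = { "vmlinux", "do_sys_open", "entry" };
	char small[8];
	char *key = probe_key_alloc(&pd);

	printf("heap key: %s\n", key ? key : "(failed)");
	printf("8-byte buffer: %s\n",
	    probe_key(&pd, small, sizeof(small)) ? "rejected" : "ok");
	free(key);
	return 0;
}
```

Because the size argument always matches the real allocation, the same code builds cleanly with _FORTIFY_SOURCE enabled, and a key that does not fit is reported to the caller instead of being used truncated.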