From: Eugene Syromyatnikov <evgsyr-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: strace-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org
Cc: dm-devel-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org,
mpatocka-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org
Subject: [PATCH 03/21] tests: Working around bounds check
Date: Sun, 9 Oct 2016 16:28:48 +0300
Message-ID: <20161009132848.GA2046@obsidian>
In-Reply-To: <20161005.192828.566127461630656590.yamato-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
When building with -Wp,-D_FORTIFY_SOURCE=2, the compiler produces the
following warning:
In file included from /usr/include/string.h:638:0,
from ioctl_dm.c:4:
In function ‘strcpy’,
inlined from ‘main’ at ioctl_dm.c:57:8:
/usr/include/bits/string3.h:104:3: warning: call to __builtin___strcpy_chk will always overflow destination buffer [enabled by default]
return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
^
And later it aborts:
[ 200s] FAIL: ioctl_dm
[ 200s] ==============
[ 200s]
[ 200s] + ../strace -V
[ 200s] + TIMEOUT='timeout -s 9 60'
[ 200s] + timeout -s 9 60 true
[ 200s] + exec timeout -s 9 60 ./ioctl_dm.test
[ 200s] + run_prog
[ 200s] + '[' 0 -eq 0 ']'
[ 200s] + set -- ./ioctl_dm
[ 200s] + args=./ioctl_dm
[ 200s] + ./ioctl_dm
[ 200s] *** buffer overflow detected ***: ./ioctl_dm terminated
[ 200s] ======= Backtrace: =========
[ 200s] /lib64/libc.so.6(__fortify_fail+0x37)[0x7fbc8fa1acb7]
[ 200s] /lib64/libc.so.6(+0x10be80)[0x7fbc8fa18e80]
[ 200s] ./ioctl_dm[0x400616]
[ 200s] /lib64/libc.so.6(__libc_start_main+0xf5)[0x7fbc8f92eaf5]
[ 200s] ./ioctl_dm[0x400739]
[ 200s] ./init.sh: line 53: 15162 Aborted "$@"
[ 200s] + rc=134
[ 200s] + '[' 134 -eq 77 ']'
[ 200s] + fail_ './ioctl_dm failed with code 134'
[ 200s] + warn_ 'ioctl_dm.test: failed test: ./ioctl_dm failed with code 134'
[ 200s] + printf '%s\n' 'ioctl_dm.test: failed test: ./ioctl_dm failed with code 134'
[ 200s] ioctl_dm.test: failed test: ./ioctl_dm failed with code 134
[ 200s] + exit 1
It is due to the fact that the message field is a 0-element array. Worked around
by copying to the string field with the appropriate offset.
---
tests/ioctl_dm.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/tests/ioctl_dm.c b/tests/ioctl_dm.c
index a5945ae..cb6dd97 100644
--- a/tests/ioctl_dm.c
+++ b/tests/ioctl_dm.c
@@ -64,7 +64,8 @@ main(void)
init_s();
s.u.tm.target_msg.sector = 0x1234;
- strcpy(s.u.tm.target_msg.message, "tmsg");
+ strcpy(s.u.string + offsetof(struct dm_target_msg, message),
+ "tmsg");
ioctl(-1, DM_TARGET_MSG, &s);
printf("ioctl(-1, DM_TARGET_MSG, "
"{version=4.1.2, dev=makedev(18, 52), name=\"nnn\", "
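Review bot: the new destination `s.u.string + offsetof(struct dm_target_msg, message)` is the same address as the old `s.u.tm.target_msg.message` only if `target_msg` sits at offset 0 of `s.u`, and nothing in this hunk shows or enforces that. Please add a one-line comment saying the indirection exists to get past the _FORTIFY_SOURCE object-size check on the 0-element `message` array, and consider a compile-time check that the offset plus sizeof("tmsg") fits in sizeof(s.u.string), since the copy is now bounded only by that buffer. The diffstat shows just these two added lines, so also confirm that <stddef.h> is already included for offsetof.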
--
1.7.10.4
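The workaround described in the commit message, generalized into a copy helper with an explicit bounds check against the enclosing buffer. This is an added example, not code from the patch or from strace: `struct target_msg_hdr`, `union payload` and `set_target_msg` are constructed stand-ins for the kernel's `struct dm_target_msg` and the test's union.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed stand-in for struct dm_target_msg (not the kernel header). */
struct target_msg_hdr {
	uint64_t sector;
	char message[0];	/* 0-element array: declared size is 0 bytes */
};

/* Constructed stand-in for the test's union: string is the real storage. */
union payload {
	struct target_msg_hdr target_msg;
	char string[256];
};

/*
 * Copy msg into the bytes that follow the header. The bound comes from the
 * enclosing buffer, not from the 0-byte declared size of message, which is
 * what a fortified strcpy() into message is checked against.
 * Returns 0 on success, -1 if msg plus its NUL terminator does not fit.
 */
static int
set_target_msg(union payload *p, const char *msg)
{
	const size_t off = offsetof(struct target_msg_hdr, message);
	const size_t len = strlen(msg) + 1;

	if (len > sizeof(p->string) - off)
		return -1;
	memcpy(p->string + off, msg, len);
	return 0;
}

int
main(void)
{
	union payload p;

	memset(&p, 0, sizeof(p));
	p.target_msg.sector = 0x1234;
	if (set_target_msg(&p, "tmsg") != 0)
		return 1;
	printf("declared size %zu, stored \"%s\"\n",
	       sizeof(p.target_msg.message),
	       p.string + offsetof(struct target_msg_hdr, message));
	return 0;
}
```
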