From: Namhyung Kim <namhyung@kernel.org>
To: Ian Rogers <irogers@google.com>
Cc: Peter Zijlstra <peterz@infradead.org>,
Ingo Molnar <mingo@redhat.com>,
Arnaldo Carvalho de Melo <acme@kernel.org>,
Mark Rutland <mark.rutland@arm.com>,
Alexander Shishkin <alexander.shishkin@linux.intel.com>,
Jiri Olsa <jolsa@kernel.org>,
Adrian Hunter <adrian.hunter@intel.com>,
Nathan Chancellor <nathan@kernel.org>,
Nick Desaulniers <ndesaulniers@google.com>,
Tom Rix <trix@redhat.com>, Ravi Bangoria <ravi.bangoria@amd.com>,
James Clark <james.clark@arm.com>,
Kan Liang <kan.liang@linux.intel.com>,
John Garry <john.g.garry@oracle.com>,
linux-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org,
llvm@lists.linux.dev
Subject: Re: [PATCH v2 6/9] perf tests: Use scandirat for shell script finding
Date: Tue, 13 Feb 2024 16:51:56 -0800
Message-ID: <CAM9d7cim3Geib9QNrtL6FVH-gg-=metH_u_yKnJFa+G=maOz3A@mail.gmail.com>
In-Reply-To: <CAP-5=fV1dA_hbH=UAZFL8DeuRzvRqW51-gQFSpuEsHpWEDDtWw@mail.gmail.com>
On Mon, Feb 12, 2024 at 8:07 AM Ian Rogers <irogers@google.com> wrote:
>
> On Fri, Feb 9, 2024 at 8:41 PM Namhyung Kim <namhyung@kernel.org> wrote:
> >
> > On Wed, Jan 31, 2024 at 4:15 PM Ian Rogers <irogers@google.com> wrote:
> > >
> > > Avoid filename appending buffers by using openat, faccessat and
> > > scandirat more widely. Turn the script's path back to a file name
> > > using readlink from /proc/<pid>/fd/<fd>.
> > >
> > > Read the script's description using api/io.h to avoid fdopen
> > > conversions. Whilst reading perform additional sanity checks on the
> > > script's contents.
> > >
> > > Signed-off-by: Ian Rogers <irogers@google.com>
> > > ---
> > [SNIP]
> > > -static const char *shell_test__description(char *description, size_t size,
> > > - const char *path, const char *name)
> > > +static char *shell_test__description(int dir_fd, const char *name)
> > > {
> > > - FILE *fp;
> > > - char filename[PATH_MAX];
> > > - int ch;
> > > + struct io io;
> > > + char buf[128], desc[256];
> > > + int ch, pos = 0;
> > >
> > > - path__join(filename, sizeof(filename), path, name);
> > > - fp = fopen(filename, "r");
> > > - if (!fp)
> > > + io__init(&io, openat(dir_fd, name, O_RDONLY), buf, sizeof(buf));
> > > + if (io.fd < 0)
> > > return NULL;
> > >
> > > /* Skip first line - should be #!/bin/sh Shebang */
> > > + if (io__get_char(&io) != '#')
> > > + goto err_out;
> > > + if (io__get_char(&io) != '!')
> > > + goto err_out;
> > > do {
> > > - ch = fgetc(fp);
> > > - } while (ch != EOF && ch != '\n');
> > > -
> > > - description = fgets(description, size, fp);
> > > - fclose(fp);
> > > + ch = io__get_char(&io);
> > > + if (ch < 0)
> > > + goto err_out;
> > > + } while (ch != '\n');
> > >
> > > - /* Assume first char on line is omment everything after that desc */
> > > - return description ? strim(description + 1) : NULL;
> > > + do {
> > > + ch = io__get_char(&io);
> > > + if (ch < 0)
> > > + goto err_out;
> > > + } while (ch == '#' || isspace(ch));
> > > + while (ch > 0 && ch != '\n') {
> > > + desc[pos++] = ch;
> > > + if (pos >= (int)sizeof(desc) - 1)
> >
> > Maybe (pos == sizeof(desc) - 2) ? I'm not sure what happens if it has a
> > description longer than the buffer size.
>
> Thanks Namhyung!
>
> sizeof(desc) - 1 == sizeof(char[256]) - 1 == 255 , so at this point
> pos can at most be 255 and there is one space after pos for a trailing
> '\0'.
>
> > > + break;
> > > + ch = io__get_char(&io);
> > > + }
> > > + while (pos > 0 && isspace(desc[--pos]))
> > > + ;
>
> Here pos is moved back to at least one to 254.

Oh, right. I missed it moved the pos back.

Thanks,
Namhyung

>
> > > + desc[++pos] = '\0';
> >
> > Wouldn't it overflow the buffer?
>
> At this point pos can only have a maximum value of 255 which is within
> the bounds of desc.
>
> Thanks,
> Ian
>
> > Thanks,
> > Namhyung
> >
> >
> > > + close(io.fd);
> > > + return strdup(desc);
> > > +err_out:
> > > + close(io.fd);
> > > + return NULL;
> > > }