Date:	Fri, 21 Nov 2008 08:52:56 +0100
From:	Ingo Molnar <mingo@...e.hu>
To:	Liming Wang <liming.wang@...driver.com>
Cc:	Steven Rostedt <rostedt@...dmis.org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/1] function tracing: fix wrong position computing of
	stack_trace


* Liming Wang <liming.wang@...driver.com> wrote:

> Impact: make output of stack_trace complete if buffer overflow
> 
> When read buffer overflows, the output of stack_trace isn't 
> complete.
> 
> When printing records with seq_printf in t_show, if the read buffer 
> has overflowed by the current record, then this record won't be 
> printed to user space through read buffer, it will just be dropped 
> in this printing.
> 
> When next printing, t_start should return the "*pos"th record, which 
> is the one dropped by previous printing, but it just returns 
> (m->private + *pos)th record.
> 
> Here we use a more sane method to implement seq_operations which can 
> be found in kernel code. Thus we needn't initialize m->private.
> 
> About testing, it's not easy to overflow read buffer, but we can use 
> seq_printf to print more padding bytes in t_show, then it's easy to 
> check whether or not records are lost.
> 
> This commit has been tested on both conditions of overflow and 
> non-overflow.
> 
> Signed-off-by: Liming Wang <liming.wang@...driver.com>
> ---
>  kernel/trace/trace_stack.c |   24 +++++++++++++++---------
>  1 files changed, 15 insertions(+), 9 deletions(-)

applied to tip/tracing/urgent, thanks!

Note, i changed 'buffer overflow' to 'buffer overrun'. (buffer 
overflow is a term typically used in a security context)

> -	i++;
> +	if (v == SEQ_START_TOKEN )
> +		i = 0;
> +	else {
> +		i = *(long *)v;
> +		i++;
> +	}
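
Review bot: In the else branch, `i = *(long *)v;` dereferences v with no check beyond the SEQ_START_TOKEN comparison, so it relies on every non-token v being a valid pointer to a long index. A one-line comment stating that invariant, or a guard if v can be NULL on this path, would make the assumption explicit. Separately, the if branch is unbraced while the else is braced; bracing both would read more consistently.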

i also fixed these two minor style problems pointed out by 
scripts/checkpatch.pl:

| ERROR: space prohibited before that close parenthesis ')'
| #47: FILE: kernel/trace/trace_stack.c:187:
| +	if (v == SEQ_START_TOKEN )
|
| ERROR: space prohibited before that close parenthesis ')'
| #82: FILE: kernel/trace/trace_stack.c:245:
| +	if (v == SEQ_START_TOKEN ) {
|
| total: 2 errors, 0 warnings, 0 checks, 64 lines checked

	Ingo
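
The record loss described in the quoted commit message, as an added example that is not part of this thread or of the kernel patch: a user-space C model in which each read emits at most three records, comparing a start() that resumes from stale private state plus pos with one that uses pos alone. All names and sizes are hypothetical and constructed for illustration.

```c
/* User-space model of a seq_file-style reader; all names are hypothetical. */
#include <stdio.h>
#define NREC     10	/* constructed: records in the trace */
#define BUF_RECS 3	/* constructed: records that fit in one read buffer */

struct seq { long priv; long pos; };	/* priv models m->private */
static long out[NREC];			/* record indices that reached the reader */

static long seq_start(struct seq *m, int fixed)
{
	/* fixed: position from pos alone; old: pos steps on top of stale priv */
	m->priv = fixed ? m->pos : m->priv + m->pos;
	return m->priv;
}

static long seq_next(struct seq *m)
{
	m->pos++;
	return ++m->priv;
}

/* One read(): emit until the buffer is full. The record that no longer
 * fits is dropped from this read; the next start() must serve it again. */
static int read_once(struct seq *m, int fixed, int n)
{
	long i = seq_start(m, fixed);
	int used = 0;
	for (; i < NREC && used < BUF_RECS; used++, i = seq_next(m))
		out[n++] = i;
	return n;
}

/* Repeat read() until one returns nothing; return how many records arrived. */
static int read_all(int fixed)
{
	struct seq m = { 0, 0 };
	int n = 0, prev;
	do {
		prev = n;
		n = read_once(&m, fixed, n);
	} while (n > prev);
	return n;
}

int main(void)
{
	printf("old start(): %d, pos-based start(): %d of %d records\n",
	       read_all(0), read_all(1), NREC);
	return 0;
}
```

In this model the old start() resumes the second read at record 6, so records 3 to 5 never reach the reader and record 9 is lost on the third read.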