Date:	Fri, 21 Nov 2008 16:13:22 +0800
From:	Wang Liming <liming.wang@...driver.com>
To:	Ingo Molnar <mingo@...e.hu>
CC:	Steven Rostedt <rostedt@...dmis.org>, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/1] function tracing: fix wrong position computing of
 stack_trace

Ingo Molnar wrote:
> * Liming Wang <liming.wang@...driver.com> wrote:
> 
>> Impact: make output of stack_trace complete if buffer overflow
>>
>> When read buffer overflows, the output of stack_trace isn't 
>> complete.
>>
>> When printing records with seq_printf in t_show, if the read buffer 
>> has overflowed by the current record, then this record won't be 
>> printed to user space through read buffer, it will just be dropped 
>> in this printing.
>>
>> When next printing, t_start should return the "*pos"th record, which 
>> is the one dropped by previous printing, but it just returns 
>> (m->private + *pos)th record.
>>
>> Here we use a more sane method to implement seq_operations which can 
>> be found in kernel code. Thus we needn't initialize m->private.
>>
>> About testing, it's not easy to overflow read buffer, but we can use 
>> seq_printf to print more padding bytes in t_show, then it's easy to 
>> check whether or not records are lost.
>>
>> This commit has been tested under both conditions, overflow and 
>> non-overflow.
>>
>> Signed-off-by: Liming Wang <liming.wang@...driver.com>
>> ---
>>  kernel/trace/trace_stack.c |   24 +++++++++++++++---------
>>  1 files changed, 15 insertions(+), 9 deletions(-)
> 
> applied to tip/tracing/urgent, thanks!
> 
> Note, i changed 'buffer overflow' to 'buffer overrun'. (buffer 
> overflow is a term typically used in a security context)
OK.

> 
>> -	i++;
>> +	if (v == SEQ_START_TOKEN )
>> +		i = 0;
>> +	else {
>> +		i = *(long *)v;
>> +		i++;
>> +	}
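Review bot: the `if (v == SEQ_START_TOKEN )` branch is left unbraced while its `else` is braced; kernel coding style wants braces on both branches once either one needs them, so brace the `i = 0;` arm as well and drop the stray space before `)`. Separately, `i = *(long *)v;` relies on every non-token `v` pointing at a long, which nothing in these lines states; a one-line comment saying what `v` points to would make the cast checkable against whatever the iterator returns.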
> 
> i also fixed these two minor style problems pointed out by 
> scripts/checkpatch.pl:
> 
> | ERROR: space prohibited before that close parenthesis ')'
> | #47: FILE: kernel/trace/trace_stack.c:187:
> | +	if (v == SEQ_START_TOKEN )
> |
> | ERROR: space prohibited before that close parenthesis ')'
> | #82: FILE: kernel/trace/trace_stack.c:245:
> | +	if (v == SEQ_START_TOKEN ) {
> |
> | total: 2 errors, 0 warnings, 0 checks, 64 lines checked
It's my fault, thanks a lot!

walimis
> 
> 	Ingo
> 
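
The restart problem described in the quoted commit message, as a simplified userspace model added here (not code from the patch or from the kernel). `struct seq`, `start_stateful`, `start_from_pos`, `do_read` and `lost_records` are hypothetical names, the record count is constructed, and buffer room is counted in whole records.

```c
#include <stdio.h>

#define NREC 8                 /* constructed: number of trace records */
struct seq { long cursor; };   /* stands in for m->private */
typedef long (*start_fn)(struct seq *m, long pos);

/* Pre-fix behaviour as the commit message describes it: leftover
 * iterator state is added to *pos when a read restarts. */
static long start_stateful(struct seq *m, long pos) { return m->cursor + pos; }

/* Post-fix idea: the record index is derived from *pos alone. */
static long start_from_pos(struct seq *m, long pos) { (void)m; return pos; }

/* One read(): emit records until one no longer fits. That record is
 * dropped and pos still names it, so the next read must start there. */
static long do_read(struct seq *m, start_fn start, long *pos, int room, int *seen)
{
    long n = 0;
    for (long i = start(m, *pos); i >= 0 && i < NREC; i++) {
        m->cursor = i;         /* iterator state after visiting record i */
        if (room-- == 0)
            break;             /* buffer full: record i is not delivered */
        seen[i]++;
        (*pos)++;
        n++;
    }
    return n;
}

/* Drain everything with `room` records per read; count records never seen. */
static int lost_records(start_fn start, int room)
{
    struct seq m = { 0 };
    int seen[NREC] = { 0 }, lost = 0;
    long pos = 0;
    while (do_read(&m, start, &pos, room, seen) > 0)
        ;
    for (int i = 0; i < NREC; i++)
        lost += (seen[i] == 0);
    return lost;
}

int main(void)
{
    printf("stateful, 3 per read: %d lost\n", lost_records(start_stateful, 3));
    printf("from pos, 3 per read: %d lost\n", lost_records(start_from_pos, 3));
    printf("stateful, no overrun: %d lost\n", lost_records(start_stateful, 16));
    return 0;
}
```

The stateful variant loses records only when a read fills up mid-sequence, which is why the message suggests padding the output in t_show to reproduce it.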
