Message-ID: <CAO+b5-pZRjCsCMA=VBPN4+kRTBVw91kT_tFJhYJnB+_J=BmnTQ@mail.gmail.com>
Date:	Mon, 11 Jul 2011 20:32:39 +0200
From:	Bart Van Assche <bvanassche@....org>
To:	Jim Cromie <jim.cromie@...il.com>
Cc:	jbaron@...hat.com, linux-kernel@...r.kernel.org, joe@...ches.com,
	gregkh@...e.de, gnb@...h.org
Subject: Re: [PATCH 09/21] dynamic_debug: save_pending() saves non-matching
 queries for later.

On Mon, Jul 11, 2011 at 9:46 AM, Jim Cromie <jim.cromie@...il.com> wrote:
>
> When a query/rule doesn't match, call save_pending() (a new function)
> to copy the query off the stack into a (new) struct pending_query,
> and add it to the (new) pending_queries list.
>
> Patch adds: /sys/module/dynamic_debug/parameters/
>  verbose - rw, added previously, here for completeness
>  pending_ct - ro, shows current count of pending queries
>
> With this and previous patches, queries added on the boot-line which
> do not match (because module is not built-in, and thus not present yet)
> are added to pending_queries.
>
> IE, with these boot-line additions:
>  dynamic_debug.verbose=1 ddebug_query="module scx200_hrt +p"
>
> Kernel will log the following:
>
> ddebug_exec_queries: query 0: "module scx200_hrt +p"
> ddebug_tokenize: split into words: "module" "scx200_hrt" "+p"
> ddebug_parse_query: parsed q->function="(null)" q->filename="(null)" \
>        q->module="scx200_hrt" q->format="(null)" q->lineno=0-0
> ddebug_parse_flags: op='+'
> ddebug_parse_flags: flags=0x1
> ddebug_parse_flags: *flagsp=0x1 *maskp=0xffffffff
> ddebug_exec_query: nfound 0 on q->function="(null)" q->filename="(null)" \
>        q->module="scx200_hrt" q->format="(null)" q->lineno=0-0
> ddebug_save_pending: add to pending: q->function="(null)" q->filename="(null)"\
>        q->module="scx200_hrt" q->format="(null)" q->lineno=0-0
> ddebug_save_pending: ddebug: query saved as pending 1
>
> Signed-off-by: Jim Cromie <jim.cromie@...il.com>
> ---
>  lib/dynamic_debug.c |   56 +++++++++++++++++++++++++++++++++++++++++++++++++++
>  1 files changed, 56 insertions(+), 0 deletions(-)
>
> diff --git a/lib/dynamic_debug.c b/lib/dynamic_debug.c
> index 81268e2..b049ef2 100644
> --- a/lib/dynamic_debug.c
> +++ b/lib/dynamic_debug.c
> @@ -53,6 +53,16 @@ struct ddebug_query {
>        unsigned int first_lineno, last_lineno;
>  };
>
> +struct pending_query {
> +       struct list_head link;
> +       struct ddebug_query query;
> +       char filename[100];
> +       char module[30];
> +       char function[50];
> +       char format[200];
> +       unsigned int flags, mask;
> +};
> +
>  struct ddebug_iter {
>        struct ddebug_table *table;
>        unsigned int idx;
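Review bot: The `module[30]` array in `struct pending_query` is smaller than the longest module name the kernel accepts (`MODULE_NAME_LEN` from `<linux/module.h>`), and the other sizes (100, 50, 200) are unnamed constants with no stated relation to what the query parser can hand over. These strings originate from the boot line and are copied into the arrays by `ddebug_save_pending()` later in the patch, so the struct is where the bound should be defined: `char module[MODULE_NAME_LEN];` plus named constants for the rest, or drop the arrays and `kstrdup()` each non-NULL field so no fixed limit is needed. A short comment on the struct stating that the pointers in `query` point into these arrays would also help the next reader.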
> @@ -63,6 +73,11 @@ static LIST_HEAD(ddebug_tables);
>  static int verbose = 0;
>  module_param(verbose, int, 0644);
>
> +/* legal but inapplicable queries, save and test against new modules */
> +static LIST_HEAD(pending_queries);
> +static int pending_ct;
> +module_param(pending_ct, int, 0444);
> +
>  /* Return the last part of a pathname */
>  static inline const char *basename(const char *path)
>  {
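Review bot: `pending_ct` is exported read-only as the number of pending queries, but nothing in this hunk says what keeps it in step with `pending_queries` or which lock guards the pair. In `ddebug_save_pending()` (a later hunk, cut short in this quote) the counter is incremented before the `kzalloc()` result is checked, so a failed allocation would leave the count one ahead of the list unless a caller corrects it. Moving `pending_ct++` to the point where the entry is actually linked into the list (not visible here) would avoid that. I would also extend the comment to something like `/* legal but inapplicable queries, saved and retried against new modules; pending_ct counts the entries */` and name the protecting lock, if there is one.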
> @@ -421,6 +436,42 @@ static int ddebug_parse_flags(const char *str, unsigned int *flagsp,
>        return 0;
>  }
>
> +/* copy query off stack, save flags & mask, and store in pending-list */
> +static int ddebug_save_pending(struct ddebug_query *query,
> +                               unsigned int flags, unsigned int mask)
> +{
> +       struct pending_query *pq;
> +
> +       if (verbose)
> +               pr_info("add to pending: %s\n", show_ddebug_query(query));
> +
> +       pending_ct++;
> +       pq = kzalloc(sizeof(struct pending_query), GFP_KERNEL);
> +       if (pq == NULL)
> +               return -ENOMEM;
> +
> +       /* copy non-null match-specs into allocd mem, update pointers */
> +       if (query->module)
> +               pq->query.module = strcpy(pq->module, query->module);
> +       if (query->function)
> +               pq->query.function = strcpy(pq->function, query->function);
> +       if (query->filename)
> +               pq->query.filename = strcpy(pq->filename, query->filename);
> +       if (query->format)
> +               pq->query.format = strcpy(pq->format, query->format);

I see here several calls of strcpy() without prior size check.
Shouldn't these be changed into strlcpy() ?

Bart.