lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20131217200239.GE6517@ghostprotocols.net>
Date:	Tue, 17 Dec 2013 17:02:39 -0300
From:	Arnaldo Carvalho de Melo <acme@...stprotocols.net>
To:	Namhyung Kim <namhyung@...nel.org>
Cc:	Steven Rostedt <rostedt@...dmis.org>,
	Frederic Weisbecker <fweisbec@...il.com>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Ingo Molnar <mingo@...nel.org>,
	Namhyung Kim <namhyung.kim@....com>,
	LKML <linux-kernel@...r.kernel.org>, Jiri Olsa <jolsa@...hat.com>
Subject: Re: [PATCH 13/14] tools lib traceevent: Get rid of die() in some
 string conversion funcitons

Em Tue, Dec 17, 2013 at 09:02:36AM +0900, Namhyung Kim escreveu:
> On Mon, 16 Dec 2013 09:40:51 -0300, Arnaldo Carvalho de Melo wrote:
> > Em Mon, Dec 16, 2013 at 01:49:11PM +0900, Namhyung Kim escreveu:
> >> On Fri, 13 Dec 2013 11:52:04 -0300, Arnaldo Carvalho de Melo wrote:
> >> > All the rest is ok, so its just the malloc + strcpy that remains to be
> >> > converted, do you want me to do it?

> >> Hmm.. did you mean like this?

> >> 		str = NULL;
> >>                 if (val)
> >>                 	asprintf(&str, "TRUE");
> >>                 else
> >>                 	asprintf(&str, "FALSE");
> >>                 return str;

> > More compact:

> > 	if (asprintf(&str, "%s", val ? "TRUE" : "FALSE") < 0)
> > 		// error handling path

> > At that point str already is set to NULL.

> Okay, this is a new one:

Thanks, it all seems now, but just prior to applying this I noticed:

> Those functions are for stringify filter arguments.  As caller of
> those functions handles NULL string properly, it seems that it's
> enough to return NULL rather than calling die().

It handles NULL in what way? This comment:

> @@ -2369,7 +2340,7 @@ static char *arg_to_str(struct event_filter *filter, struct filter_arg *arg)
>   * Returns a string that displays the filter contents.
>   *  This string must be freed with free(str).
> - *  NULL is returned if no filter is found.
> + *  NULL is returned if no filter is found or allocation failed.
>   */
>  char *
>  pevent_filter_make_string(struct event_filter *filter, int event_id)

Made me a bit unconfortable, so if it handles NULL as a filter not
found, how will it figure out what happened?

/me looks at the callers...

>From just a quick look I couldn't see cases where NULL could cause
segfaults, but saw some cases where allocation errors would not be
notified in any way to the user :-\

Anyway, applying this patch, those are other kinds of problems, i.e. further
fallout from converting from the previous panic()-at-alloc-failure approach.

- Arnaldo
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ