| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20161219161821.GA294@x4>
Date: Mon, 19 Dec 2016 17:18:21 +0100
From: Markus Trippelsdorf <markus@...ppelsdorf.de>
To: linux-kernel@...r.kernel.org
Cc: Arnaldo Carvalho de Melo <acme@...nel.org>,
Ingo Molnar <mingo@...hat.com>
Subject: *** buffer overflow detected ***: /usr/src/linux/tools/perf/perf
terminated
Running the latest kernel git tree, I get buffer overflow warnings when
I try to run "perf top":
*** buffer overflow detected ***: /usr/src/linux/tools/perf/perf terminated
__GI_raise (sig=sig@...ry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
51 }
(gdb) bt
#0 __GI_raise (sig=sig@...ry=6) at ../sysdeps/unix/sysv/linux/raise.c:51
#1 0x00007ffff5f29cbb in __GI_abort () at abort.c:89
#2 0x00007ffff5f6f553 in __libc_message (do_abort=do_abort@...ry=2, fmt=fmt@...ry=0x7ffff6056455 "*** %s ***: %s terminated\n") at ../sysdeps/posix/libc_fatal.c:175
#3 0x00007ffff600d8c7 in __GI___fortify_fail (msg=msg@...ry=0x7ffff60563ec "buffer overflow detected") at fortify_fail.c:30
#4 0x00007ffff600b790 in __GI___chk_fail () at chk_fail.c:28
#5 0x00007ffff600bc35 in __read_chk (fd=fd@...ry=3, buf=buf@...ry=0x7fffffff48f0, nbytes=nbytes@...ry=1572864, buflen=buflen@...ry=8192) at read_chk.c:30
#6 0x00000000004fafc4 in read (__nbytes=1572864, __buf=0x7fffffff48f0, __fd=3) at /usr/include/bits/unistd.h:39
#7 sysfs__read_build_id (filename=filename@...ry=0x7fffffff6940 "/sys/kernel/notes", build_id=build_id@...ry=0x1db5e34, size=size@...ry=20) at util/symbol-elf.c:540
#8 0x00000000004a8c22 in dso__read_running_kernel_build_id (dso=dso@...ry=0x1db5d70, machine=machine@...ry=0x1db5ab8) at util/dso.c:1152
#9 0x00000000004b875a in machine__get_kernel (machine=machine@...ry=0x1db5ab8) at util/machine.c:715
#10 0x00000000004ba0ab in machine__create_kernel_maps (machine=machine@...ry=0x1db5ab8) at util/machine.c:1127
#11 0x00000000004bf169 in perf_session__create_kernel_maps (session=session@...ry=0x1db59d0) at util/session.c:70
#12 0x00000000004bf43b in perf_session__new (file=file@...ry=0x0, repipe=repipe@...ry=false, tool=tool@...ry=0x0) at util/session.c:154
#13 0x0000000000441eca in __cmd_top (top=0x7fffffff8a70) at builtin-top.c:925
#14 cmd_top (argc=<optimized out>, argv=<optimized out>, prefix=<optimized out>) at builtin-top.c:1330
#15 0x0000000000487481 in run_builtin (p=p@...ry=0x679d78 <commands+312>, argc=argc@...ry=2, argv=argv@...ry=0x7fffffffe4c0) at perf.c:358
#16 0x0000000000487722 in handle_internal_command (argc=2, argv=0x7fffffffe4c0) at perf.c:420
#17 0x0000000000487982 in run_argv (argv=0x7fffffffe250, argcp=0x7fffffffe25c) at perf.c:466
#18 main (argc=<optimized out>, argv=<optimized out>) at perf.c:610
(gdb) up
#7 sysfs__read_build_id (filename=filename@...ry=0x7fffffff6940 "/sys/kernel/notes", build_id=build_id@...ry=0x1db5e34, size=size@...ry=20) at util/symbol-elf.c:540
540 if (read(fd, bf, n) != n)
(gdb) l
535 }
536 } else if (read(fd, bf, descsz) != (ssize_t)descsz)
537 break;
538 } else {
539 int n = namesz + descsz;
540 if (read(fd, bf, n) != n)
541 break;
542 }
543 }
544 close(fd);
(gdb) p n
$4 = 1572864
(gdb) p BUFSIZ
$5 = 8192
--
Markus
Powered by blists - more mailing lists