lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Jul 2018 20:10:10 -0400 From: William Cohen <wcohen@...hat.com> To: Jiri Olsa <jolsa@...hat.com> Cc: peterz@...radead.org, mingo@...hat.com, acme@...nel.org, linux-kernel@...r.kernel.org, alexander.shishkin@...ux.intel.com, namhyung@...nel.org Subject: Re: [PATCH] Check jvmti_agent snprintf return value to avoid build failures with GCC-8.1.1 On 07/10/2018 06:58 PM, Jiri Olsa wrote: > On Tue, Jul 10, 2018 at 02:27:16PM -0400, William Cohen wrote: >> Newer versions of GCC perform static analysis to determine whether >> string truncation is possible with functions such as snprintf and >> provide a warning if truncation could occur. The make for >> jvmti_agent.c uses the compiler option that treats any compiler >> warnings as compiler errors. For GCC-8.1.1 in Fedora 28 this causes >> the build to fail. The return value of the snprint is now checked to >> ensure snprintf produced a NULL-terminated string. If the string for >> the path is invalid, the code does attempt to use the string. > > hi, > I posted fix for this recently: > https://lore.kernel.org/lkml/20180702134202.17745-1-jolsa@kernel.org/ > > it also covers the perf_regs.c, which was failing with gcc8 for me > > should be pulled in soon > > thanks, > jirka Hi Jirka, Thanks. I hadn't seen the patch, and this failing to build for the past week has been bugging me. Glad to hear there is already a fix queued up. -Will > >> >> Signed-off-by: William Cohen <wcohen@...hat.com> >> --- >> tools/perf/jvmti/jvmti_agent.c | 7 +++++-- >> 1 file changed, 5 insertions(+), 2 deletions(-) >> >> diff --git a/tools/perf/jvmti/jvmti_agent.c b/tools/perf/jvmti/jvmti_agent.c >> index 0c6d1002b524..30f14eafe4b3 100644 >> --- a/tools/perf/jvmti/jvmti_agent.c >> +++ b/tools/perf/jvmti/jvmti_agent.c >> @@ -227,7 +227,7 @@ void *jvmti_open(void) >> { >> char dump_path[PATH_MAX]; >> struct jitheader header; >> - int fd; >> + int retlen, fd; >> FILE *fp; >> >> init_arch_timestamp(); >> @@ -249,7 +249,10 @@ void *jvmti_open(void) >> /* >> * jitdump file name >> */ >> - snprintf(dump_path, PATH_MAX, "%s/jit-%i.dump", jit_path, getpid()); >> + retlen = snprintf(dump_path, PATH_MAX, "%s/jit-%i.dump", >> + jit_path, getpid()); >> + if (retlen <= 0 || ((int) sizeof(dump_path)) <= retlen) >> + return NULL; >> >> fd = open(dump_path, O_CREAT|O_TRUNC|O_RDWR, 0666); >> if (fd == -1) >> -- >> 2.17.1 >>
Powered by blists - more mailing lists