lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:   Wed, 30 Sep 2020 13:40:39 -0500
From:   Tom Zanussi <zanussi@...nel.org>
To:     Axel Rasmussen <axelrasmussen@...gle.com>
Cc:     Steven Rostedt <rostedt@...dmis.org>,
        Masami Hiramatsu <mhiramat@...nel.org>,
        LKML <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH 2/3] tracing: Fix parse_synth_field() error handling

Hi Axel,

On Tue, 2020-09-29 at 14:56 -0700, Axel Rasmussen wrote:
> On Tue, Sep 29, 2020 at 1:33 PM Tom Zanussi <zanussi@...nel.org>
> wrote:
> > 
> > synth_field_size() returns either the size or an error.  However,
> > the
> > code assigns the return val to ssize_t which is unsigned, and then
> > tests whether it's less than 0, which it isn't so discards the
> > error.
> 
> I think the patch is correct, but the commit message is not.
> field->size is a size_t (unsigned), not an ssize_t (signed). I think
> this should say instead something like:
> 
> synth_field_size() returns either a positive size or an error (zero
> or
> a negative value). However, the existing code assumes the only error
> value is 0. It doesn't handle negative error codes, as it assigns
> directly to field->size (a size_t; unsigned), thereby interpreting
> the
> error code as a valid size instead.
> 

Yes, that's better - I used the above text in v2.

> > 
> > Do the test before assignment to field->size.
> > 
> > Signed-off-by: Tom Zanussi <zanussi@...nel.org>
> > ---
> >  kernel/trace/trace_events_synth.c | 6 ++++--
> >  1 file changed, 4 insertions(+), 2 deletions(-)
> > 
> > diff --git a/kernel/trace/trace_events_synth.c
> > b/kernel/trace/trace_events_synth.c
> > index a9cd7793f7ea..6e7282c7b530 100644
> > --- a/kernel/trace/trace_events_synth.c
> > +++ b/kernel/trace/trace_events_synth.c
> > @@ -465,6 +465,7 @@ static struct synth_field
> > *parse_synth_field(int argc, const char **argv,
> >         struct synth_field *field;
> >         const char *prefix = NULL, *field_type = argv[0],
> > *field_name, *array;
> >         int len, ret = 0;
> > +       int size;
> 
> Why not make this an ssize_t

Yep, makes sense.  Changed in v2, thanks!

Tom

> 
> > 
> >         if (field_type[0] == ';')
> >                 field_type++;
> > @@ -520,11 +521,12 @@ static struct synth_field
> > *parse_synth_field(int argc, const char **argv,
> >                         field->type[len - 1] = '\0';
> >         }
> > 
> > -       field->size = synth_field_size(field->type);
> > -       if (!field->size) {
> > +       size = synth_field_size(field->type);
> > +       if (size < 0) {
> >                 ret = -EINVAL;
> >                 goto free;
> >         }
> > +       field->size = size;
> > 
> >         if (synth_field_is_string(field->type))
> >                 field->is_string = true;
> > --
> > 2.17.1
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ