Date:   Thu, 18 Nov 2021 07:57:33 +0300
From:   Nikita Yushchenko <nikita.yushchenko@...tuozzo.com>
To:     Steven Rostedt <rostedt@...dmis.org>
Cc:     Ingo Molnar <mingo@...hat.com>, linux-kernel@...r.kernel.org,
        kernel@...nvz.org
Subject: Re: [PATCH] tracing: fix va_list breakage in trace_check_vprintf()

Hi

> The real fix is:
> 
> diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
> index f9139dc1262c..7aa5ea5ca912 100644
> --- a/kernel/trace/trace.c
> +++ b/kernel/trace/trace.c
> @@ -3654,6 +3654,10 @@ static bool trace_safe_str(struct trace_iterator *iter, const char *str)
>   	struct trace_event *trace_event;
>   	struct trace_event_call *event;
>   
> +	/* if seq is full, then we can't test it */
> +	if (iter->seq->full)
> +		return true;
> +
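
Review bot: the early return added at the top of trace_safe_str() reports the string as safe without examining str at all, and the comment "if seq is full, then we can't test it" does not say why a full seq prevents the test. Suggest stating in the comment what becomes unreliable once iter->seq->full is set, and that returning true here means "skip the check" rather than "verified". Since str has already been passed in by the time this check runs, consider whether the seq->full test belongs in the caller, before the argument is obtained.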

What I don't like here is - trace_check_vprintf() will still extract wrong positional arguments, and use 
the result as part of its logic.

Although with your change such use becomes a no-op, this is unintuitive and can turn easily into real 
problems with future changes.

And, the above comment is inexact...  why can't we test? We can, testing code does not depend on 
iter->seq. What we can't do is reliably extract str to test.

If testing seq->full condition is preferred over forcibly consuming args from va_list, then such a test 
shall be done before trace_check_vprintf() tries to use va_arg(). Will submit a patch doing that.

Nikita
