| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20230612160748.4082850-1-svens@linux.ibm.com>
Date: Mon, 12 Jun 2023 18:07:48 +0200
From: Sven Schnelle <svens@...ux.ibm.com>
To: Steven Rostedt <rostedt@...dmis.org>
Cc: linux-kernel@...r.kernel.org
Subject: [PATCH] tracing: fix memcpy size when copying stack entries
Noticed the following warning during boot:
[ 2.316341] Testing tracer wakeup:
[ 2.383512] ------------[ cut here ]------------
[ 2.383517] memcpy: detected field-spanning write (size 104) of single field "&entry->caller" at kernel/trace/trace.c:3167 (size 64)
The reason seems to be that the maximum number of entries is calculated
from the size of the fstack->calls array which is 128. But later the same
size is used to memcpy() the entries to entry->callers, which has only
room for eight elements. Therefore use the minimum of both arrays as limit.
Signed-off-by: Sven Schnelle <svens@...ux.ibm.com>
---
kernel/trace/trace.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c
index 64a4dde073ef..988d664c13ec 100644
--- a/kernel/trace/trace.c
+++ b/kernel/trace/trace.c
@@ -3146,7 +3146,7 @@ static void __ftrace_trace_stack(struct trace_buffer *buffer,
barrier();
fstack = this_cpu_ptr(ftrace_stacks.stacks) + stackidx;
- size = ARRAY_SIZE(fstack->calls);
+ size = min(ARRAY_SIZE(entry->caller), ARRAY_SIZE(fstack->calls));
if (regs) {
nr_entries = stack_trace_save_regs(regs, fstack->calls,
--
2.39.2
Powered by blists - more mailing lists