| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CABCJKufveknkc_ribOBamC_MXRGounFkYBeRkKhppPSHijxtZg@mail.gmail.com>
Date: Mon, 26 Aug 2024 11:47:44 -0700
From: Sami Tolvanen <samitolvanen@...gle.com>
To: Petr Pavlu <petr.pavlu@...e.com>
Cc: Masahiro Yamada <masahiroy@...nel.org>, Luis Chamberlain <mcgrof@...nel.org>,
Miguel Ojeda <ojeda@...nel.org>, Greg Kroah-Hartman <gregkh@...uxfoundation.org>,
Matthew Maurer <mmaurer@...gle.com>, Alex Gaynor <alex.gaynor@...il.com>,
Wedson Almeida Filho <wedsonaf@...il.com>, Gary Guo <gary@...yguo.net>, Neal Gompa <neal@...pa.dev>,
Hector Martin <marcan@...can.st>, Janne Grunau <j@...nau.net>, Asahi Linux <asahi@...ts.linux.dev>,
linux-kbuild@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-modules@...r.kernel.org, rust-for-linux@...r.kernel.org
Subject: Re: [PATCH v2 01/19] tools: Add gendwarfksyms
Hi Petr,
On Mon, Aug 26, 2024 at 10:42 AM Petr Pavlu <petr.pavlu@...e.com> wrote:
>
> On 8/15/24 19:39, Sami Tolvanen wrote:
> > +static int parse_options(int argc, const char **argv)
> > +{
> > + for (int i = 1; i < argc; i++) {
> > + bool flag = false;
> > +
> > + for (int j = 0; j < ARRAY_SIZE(options); j++) {
> > + if (strcmp(argv[i], options[j].arg))
> > + continue;
> > +
> > + *options[j].flag = true;
> > +
> > + if (options[j].param) {
> > + if (++i >= argc) {
> > + error("%s needs an argument",
> > + options[j].arg);
> > + return -1;
> > + }
> > +
> > + *options[j].param = argv[i];
> > + }
> > +
> > + flag = true;
> > + break;
> > + }
> > +
> > + if (!flag)
> > + object_files[object_count++] = argv[i];
>
> I would rather add a check that this doesn't produce an out-of-bounds
> access.
True, this could overflow object_files with a sufficient number of
arguments. I'll add a check.
> > [...]
> > +int main(int argc, const char **argv)
> > +{
> > + unsigned int n;
> > +
> > + if (parse_options(argc, argv) < 0)
> > + return usage();
> > +
> > + for (n = 0; n < object_count; n++) {
> > + Dwfl *dwfl;
> > + int fd;
> > +
> > + fd = open(object_files[n], O_RDONLY);
> > + if (fd == -1) {
> > + error("open failed for '%s': %s", object_files[n],
> > + strerror(errno));
> > + return -1;
> > + }
> > +
> > + dwfl = dwfl_begin(&callbacks);
> > + if (!dwfl) {
> > + error("dwfl_begin failed for '%s': %s", object_files[n],
> > + dwarf_errmsg(-1));
> > + return -1;
> > + }
> > +
> > + if (!dwfl_report_offline(dwfl, object_files[n], object_files[n],
> > + fd)) {
> > + error("dwfl_report_offline failed for '%s': %s",
> > + object_files[n], dwarf_errmsg(-1));
> > + return -1;
> > + }
> > +
> > + dwfl_report_end(dwfl, NULL, NULL);
> > +
> > + if (dwfl_getmodules(dwfl, &process_modules, NULL, 0)) {
> > + error("dwfl_getmodules failed for '%s'",
> > + object_files[n]);
> > + return -1;
> > + }
>
> I see that libdwfl has also directly function dwfl_nextcu(). Would it
> make sense to use it to simplify the code?
How do you propose using the function? This loop goes through multiple
input files, should we need them, and we iterate through all the CUs
in process_modules.
> > +
> > + dwfl_end(dwfl);
> > + close(fd);
>
> Isn't fd consumed by dwfl_report_offline() on success? I'm seeing EBADF
> from this close() call.
Good catch! I'll drop this in v3.
Sami
Powered by blists - more mailing lists