| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <8d15e5a6-e80a-4707-a43a-4cbb6d810222@arm.com>
Date: Mon, 20 Oct 2025 13:19:46 +0100
From: Douglas Raillard <douglas.raillard@....com>
To: Steven Rostedt <rostedt@...nel.org>, linux-kernel@...r.kernel.org,
linux-trace-kernel@...r.kernel.org, linux-perf-users@...r.kernel.org
Cc: Masami Hiramatsu <mhiramat@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Mathieu Desnoyers <mathieu.desnoyers@...icios.com>,
Andrew Morton <akpm@...ux-foundation.org>,
Peter Zijlstra <peterz@...radead.org>, Namhyung Kim <namhyung@...nel.org>,
Takaya Saeki <takayas@...gle.com>, Tom Zanussi <zanussi@...nel.org>,
Thomas Gleixner <tglx@...utronix.de>, Ian Rogers <irogers@...gle.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>, Jiri Olsa <jolsa@...nel.org>,
Adrian Hunter <adrian.hunter@...el.com>, Ingo Molnar <mingo@...hat.com>
Subject: Re: [PATCH v3 12/13] tracing: Check for printable characters when
printing field dyn strings
Hi Steve,
On 15-10-2025 18:32, Steven Rostedt wrote:
> From: Steven Rostedt <rostedt@...dmis.org>
>
> When the "fields" option is enabled, it prints each trace event field
> based on its type. But a dynamic array and a dynamic string can both have
> a "char *" type. Printing it as a string can cause escape characters to be
> printed and mess up the output of the trace.
We faced the same issue when converting trace.dat to other formats that distinguish
between a byte buffer and an actual string. The current solution we have is to
reserve "char []" for actual string and use "u8 []"/"uint8_t []" for byte buffers.
Obviously it does not solve the problem for existing events but that could be worth
establishing a convention like that for new code and support it in trace_output.c ?
Most uses of trace data beyond direct printing would require knowing the data schema
from the header info, so value-based criteria are typically not suitable for that.
> For dynamic strings, test if there are any non-printable characters, and
> if so, print both the string with the non printable characters as '.', and
> the print the hex value of the array.
>
> Signed-off-by: Steven Rostedt (Google) <rostedt@...dmis.org>
> ---
> kernel/trace/trace_output.c | 27 +++++++++++++++++++++++++--
> 1 file changed, 25 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/trace/trace_output.c b/kernel/trace/trace_output.c
> index 97db0b0ccf3e..718b255b6fd8 100644
> --- a/kernel/trace/trace_output.c
> +++ b/kernel/trace/trace_output.c
> @@ -950,7 +950,9 @@ static void print_fields(struct trace_iterator *iter, struct trace_event_call *c
> int offset;
> int len;
> int ret;
> + int i;
> void *pos;
> + char *str;
>
> list_for_each_entry_reverse(field, head, link) {
> trace_seq_printf(&iter->seq, " %s=", field->name);
> @@ -977,8 +979,29 @@ static void print_fields(struct trace_iterator *iter, struct trace_event_call *c
> trace_seq_puts(&iter->seq, "<OVERFLOW>");
> break;
> }
> - pos = (void *)iter->ent + offset;
> - trace_seq_printf(&iter->seq, "%.*s", len, (char *)pos);
> + str = (char *)iter->ent + offset;
> + /* Check if there's any non printable strings */
> + for (i = 0; i < len; i++) {
> + if (str[i] && !(isascii(str[i]) && isprint(str[i])))
> + break;
> + }
> + if (i < len) {
> + for (i = 0; i < len; i++) {
> + if (isascii(str[i]) && isprint(str[i]))
> + trace_seq_putc(&iter->seq, str[i]);
> + else
> + trace_seq_putc(&iter->seq, '.');
> + }
> + trace_seq_puts(&iter->seq, " (");
> + for (i = 0; i < len; i++) {
> + if (i)
> + trace_seq_putc(&iter->seq, ':');
> + trace_seq_printf(&iter->seq, "%02x", str[i]);
> + }
> + trace_seq_putc(&iter->seq, ')');
> + } else {
> + trace_seq_printf(&iter->seq, "%.*s", len, str);
> + }
> break;
> case FILTER_PTR_STRING:
> if (!iter->fmt_size)
--
Douglas
Powered by blists - more mailing lists