Message-ID: <1a2677f0-0357-42d5-b233-af5db94bf81d@oracle.com>
Date: Mon, 17 Nov 2025 08:33:43 +0100
From: Alexandre Chartre <alexandre.chartre@...cle.com>
To: Josh Poimboeuf <jpoimboe@...nel.org>
Cc: alexandre.chartre@...cle.com, linux-kernel@...r.kernel.org,
        mingo@...nel.org, peterz@...radead.org
Subject: Re: [PATCH v4 11/28] objtool: Trace instruction state changes during
 function validation


On 11/14/25 22:21, Josh Poimboeuf wrote:
> On Thu, Nov 13, 2025 at 05:49:00PM +0100, Alexandre Chartre wrote:
>> +/*
>> + * Return the name of a register. Note that the same static buffer
>> + * is returned if the name is dynamically generated.
>> + */
>> +static const char *cfi_reg_name(unsigned int reg)
>> +{
>> +	static char rname_buffer[CFI_REG_NAME_MAXLEN];
>> +
>> +	switch (reg) {
>> +	case CFI_UNDEFINED:
>> +		return "<undefined>";
>> +	case CFI_CFA:
>> +		return "cfa";
>> +	case CFI_SP_INDIRECT:
>> +		return "(sp)";
>> +	case CFI_BP_INDIRECT:
>> +		return "(bp)";
>> +	}
>> +
>> +	if (snprintf(rname_buffer, CFI_REG_NAME_MAXLEN, "r%d", reg) == 1)
>> +		return NULL;
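
Review bot: The `== 1` test on the snprintf() return value at the end of cfi_reg_name() detects neither failure mode. snprintf() returns a negative value on error and a value >= the buffer size on truncation, and "r%d" always produces at least two characters, so 1 is never returned. Suggest storing the result and testing `ret < 0 || ret >= CFI_REG_NAME_MAXLEN`, and using `%u` because `reg` is `unsigned int`. Returning NULL also means any caller that hands the result to a `%s` conversion needs its own check; returning a constant string avoids that.
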
> 
> An snprintf() error would either be -1 (error) or ">=
> CFI_REG_NAME_MAXLEN" (truncation).
> 
> Also maybe return "(error)" or so, so the caller doesn't need to check
> the return value.

Right, I will fix that.

>> +static void trace_cfi_reg(const char *prefix, int reg, const char *fmt,
>> +			  int base_prev, int offset_prev,
>> +			  int base_next, int offset_next)
>> +{
>> +	const char *rname;
>> +
>> +	if (base_prev == base_next && offset_prev == offset_next)
>> +		return;
>> +
>> +	if (prefix)
>> +		TRACE("%s:", prefix);
>> +
>> +	rname = cfi_reg_name(reg);
>> +
>> +	if (base_next == CFI_UNDEFINED) {
>> +		TRACE("%1$s=<undef> ", rname);
>> +	} else {
>> +		TRACE(fmt, rname,
>> +		      cfi_reg_name(base_next), offset_next);
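
Review bot: `rname` is passed to TRACE() as a `%s` argument in both branches without a NULL check, although cfi_reg_name() as written in this patch can return NULL. Either check it here or make cfi_reg_name() always return a valid string. In the else branch, `rname` and `cfi_reg_name(base_next)` can both point at the single static `rname_buffer`: when both registers take the generated-name path, the second call overwrites the first and the same name is printed twice. Have the caller supply the buffer, or copy `rname` before the second call. `reg` and `base_next` are also `int` here while cfi_reg_name() takes `unsigned int`, so a negative value would be converted silently; making the types consistent would be cleaner.
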
> 
> Since cfi_reg_name() can reuse the same static local buffer, rname and
> cfi_reg_name(base_next) might point to the same string?
> 

Yes, good catch. I will fix.

Thanks,

alex.


