From patchwork Sun Oct 9 13:28:48 2016
X-Patchwork-Submitter: Eugene Syromyatnikov
X-Patchwork-Id: 9369105
X-Patchwork-Delegate: snitzer@redhat.com
Date: Sun, 9 Oct 2016 16:28:48 +0300
From: Eugene Syromyatnikov
To: strace-devel@lists.sourceforge.net
Cc: dm-devel@redhat.com, mpatocka@redhat.com, yamato@redhat.com
Subject: [dm-devel] [PATCH 03/21] tests: Working around bounds check
Message-ID: <20161009132848.GA2046@obsidian>
References: <20161005.192828.566127461630656590.yamato@redhat.com>

When building with -Wp,-D_FORTIFY_SOURCE=2, the compiler produces the following
warning:

    In file included from /usr/include/string.h:638:0,
                     from ioctl_dm.c:4:
    In function ‘strcpy’,
        inlined from ‘main’ at ioctl_dm.c:57:8:
    /usr/include/bits/string3.h:104:3: warning: call to __builtin___strcpy_chk will always overflow destination buffer [enabled by default]
       return __builtin___strcpy_chk (__dest, __src, __bos (__dest));
       ^

And later it aborts:

    [ 200s] FAIL: ioctl_dm
    [ 200s] ==============
    [ 200s]
    [ 200s] + ../strace -V
    [ 200s] + TIMEOUT='timeout -s 9 60'
    [ 200s] + timeout -s 9 60 true
    [ 200s] + exec timeout -s 9 60 ./ioctl_dm.test
    [ 200s] + run_prog
    [ 200s] + '[' 0 -eq 0 ']'
    [ 200s] + set -- ./ioctl_dm
    [ 200s] + args=./ioctl_dm
    [ 200s] + ./ioctl_dm
    [ 200s] *** buffer overflow detected ***: ./ioctl_dm terminated
    [ 200s] ======= Backtrace: =========
    [ 200s] /lib64/libc.so.6(__fortify_fail+0x37)[0x7fbc8fa1acb7]
    [ 200s] /lib64/libc.so.6(+0x10be80)[0x7fbc8fa18e80]
    [ 200s] ./ioctl_dm[0x400616]
    [ 200s] /lib64/libc.so.6(__libc_start_main+0xf5)[0x7fbc8f92eaf5]
    [ 200s] ./ioctl_dm[0x400739]
    [ 200s] ======= Memory map: ========
    [ 200s] 00400000-00401000 r-xp 00000000 08:00 84792 /home/abuild/rpmbuild/BUILD/strace-4.13.0.260.af086/tests/ioctl_dm
    [ 200s] 00601000-00602000 r--p 00001000 08:00 84792 /home/abuild/rpmbuild/BUILD/strace-4.13.0.260.af086/tests/ioctl_dm
    [ 200s] 00602000-00603000 rw-p 00002000 08:00 84792 /home/abuild/rpmbuild/BUILD/strace-4.13.0.260.af086/tests/ioctl_dm
    [ 200s] 02244000-02265000 rw-p 00000000 00:00 0 [heap]
    [ 200s] 7fbc8f6f5000-7fbc8f70a000 r-xp 00000000 08:00 131341 /usr/lib64/libgcc_s-4.8.2-20140120.so.1
    [ 200s] 7fbc8f70a000-7fbc8f909000 ---p 00015000 08:00 131341 /usr/lib64/libgcc_s-4.8.2-20140120.so.1
    [ 200s] 7fbc8f909000-7fbc8f90a000 r--p 00014000 08:00 131341 /usr/lib64/libgcc_s-4.8.2-20140120.so.1
    [ 200s] 7fbc8f90a000-7fbc8f90b000 rw-p 00015000 08:00 131341 /usr/lib64/libgcc_s-4.8.2-20140120.so.1
    [ 200s] 7fbc8f90d000-7fbc8fac3000 r-xp 00000000 08:00 131350 /usr/lib64/libc-2.17.so
    [ 200s] 7fbc8fac3000-7fbc8fcc3000 ---p 001b6000 08:00 131350 /usr/lib64/libc-2.17.so
    [ 200s] 7fbc8fcc3000-7fbc8fcc7000 r--p 001b6000 08:00 131350 /usr/lib64/libc-2.17.so
    [ 200s] 7fbc8fcc7000-7fbc8fcc9000 rw-p 001ba000 08:00 131350 /usr/lib64/libc-2.17.so
    [ 200s] 7fbc8fcc9000-7fbc8fcce000 rw-p 00000000 00:00 0
    [ 200s] 7fbc8fcd5000-7fbc8fcf6000 r-xp 00000000 08:00 131343 /usr/lib64/ld-2.17.so
    [ 200s] 7fbc8fef1000-7fbc8fef5000 rw-p 00000000 00:00 0
    [ 200s] 7fbc8fef5000-7fbc8fef6000 r--p 00020000 08:00 131343 /usr/lib64/ld-2.17.so
    [ 200s] 7fbc8fef6000-7fbc8fef7000 rw-p 00021000 08:00 131343 /usr/lib64/ld-2.17.so
    [ 200s] 7fbc8fef7000-7fbc8fef9000 rw-p 00000000 00:00 0
    [ 200s] 7ffe9b7e3000-7ffe9b806000 rw-p 00000000 00:00 0 [stack]
    [ 200s] 7ffe9b84d000-7ffe9b84f000 r--p 00000000 00:00 0 [vvar]
    [ 200s] 7ffe9b84f000-7ffe9b851000 r-xp 00000000 00:00 0 [vdso]
    [ 200s] ffffffffff600000-ffffffffff601000 r-xp 00000000 00:00 0 [vsyscall]
    [ 200s] ./init.sh: line 53: 15162 Aborted "$@"
    [ 200s] + rc=134
    [ 200s] + '[' 134 -eq 77 ']'
    [ 200s] + fail_ './ioctl_dm failed with code 134'
    [ 200s] + warn_ 'ioctl_dm.test: failed test: ./ioctl_dm failed with code 134'
    [ 200s] + printf '%s\n' 'ioctl_dm.test: failed test: ./ioctl_dm failed with code 134'
    [ 200s] ioctl_dm.test: failed test: ./ioctl_dm failed with code 134
    [ 200s] + exit 1

It is due to the fact that the message field is a 0-element array. Worked around by
copying to the string field with the appropriate offset.

--- tests/ioctl_dm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tests/ioctl_dm.c b/tests/ioctl_dm.c index a5945ae..cb6dd97 100644 --- a/tests/ioctl_dm.c +++ b/tests/ioctl_dm.c @@ -64,7 +64,8 @@ main(void) init_s(); s.u.tm.target_msg.sector = 0x1234; - strcpy(s.u.tm.target_msg.message, "tmsg"); + strcpy(s.u.string + offsetof(struct dm_target_msg, message), + "tmsg"); ioctl(-1, DM_TARGET_MSG, &s); printf("ioctl(-1, DM_TARGET_MSG, " "{version=4.1.2, dev=makedev(18, 52), name=\"nnn\", "
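
Review bot: in the replacement strcpy() call, the destination s.u.string + offsetof(struct dm_target_msg, message) is the same address as the old s.u.tm.target_msg.message only if target_msg is the first member of s.u.tm, and nothing in the hunk states or enforces that. A one-line comment above the call saying that message is a zero-length array, that the copy goes through the union's string member so the fortified strcpy sees a real object size, and that the offset relies on target_msg sitting at the start of tm, would keep the next reader from "simplifying" it back. The diffstat shows only these two added lines, so no #include is added for offsetof; please confirm tests/ioctl_dm.c already pulls in <stddef.h> rather than relying on an indirect include. The copy is still an unbounded strcpy, which is fine for the literal "tmsg" but worth keeping in mind if the string ever grows toward the size of s.u.string minus the offset.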