public inbox for elfutils@sourceware.org
From: Mark Wielaard <mark@klomp.org>
To: Di Chen <dichen@redhat.com>
Cc: elfutils-devel@sourceware.org
Subject: Re: ☠ Buildbot (GNU Toolchain): elfutils - failed test (failure) (master)
Date: Mon, 1 Aug 2022 11:13:06 +0200
Message-ID: <YueZIv+8wL7Au548@wildebeest.org>
In-Reply-To: <YucZ0L9CL6Wu20gn@wildebeest.org>

Hi,

On Mon, Aug 01, 2022 at 02:09:52AM +0200, Mark Wielaard wrote:
> > - 7: make check ( failure )
> >     Logs:
> >         - stdio: https://builder.sourceware.org/buildbot/#builders/43/builds/47/steps/7/logs/stdio
> >         - test-suite.log: https://builder.sourceware.org/buildbot/#builders/43/builds/47/steps/7/logs/test-suite_log
> 
> So that is in the one little addition I made:
> 
> -==3856043== Invalid read of size 1
> -==3856043==    at 0x484EBE8: memrchr (vg_replace_strmem.c:1012)
> -==3856043==    by 0x100FEDF: handle_dynamic (readelf.c:1909)
> -==3856043==    by 0x102061D: print_dynamic (readelf.c:2013)
> -==3856043==    by 0x102061D: process_elf_file (readelf.c:1034)
> -==3856043==    by 0x1021FDB: process_dwflmod (readelf.c:818)
> -==3856043==    by 0x4962BCF: dwfl_getmodules (dwfl_getmodules.c:86)
> -==3856043==    by 0x100E175: process_file (readelf.c:926)
> -==3856043==    by 0x1006A75: main (readelf.c:395)
> -==3856043==  Address 0x56df358 is 24 bytes before a block of size 264 alloc'd
> -==3856043==    at 0x484C002: calloc (vg_replace_malloc.c:1328)
> -==3856043==    by 0x4A4EED9: elf_getdata_rawchunk (elf_getdata_rawchunk.c:173)
> -==3856043==    by 0x1010621: get_dynscn_strtab (readelf.c:4958)
> -==3856043==    by 0x1010621: handle_dynamic (readelf.c:1884)
> -==3856043==    by 0x102061D: print_dynamic (readelf.c:2013)
> -==3856043==    by 0x102061D: process_elf_file (readelf.c:1034)
> -==3856043==    by 0x1021FDB: process_dwflmod (readelf.c:818)
> -==3856043==    by 0x4962BCF: dwfl_getmodules (dwfl_getmodules.c:86)
> -==3856043==    by 0x100E175: process_file (readelf.c:926)
> -==3856043==    by 0x1006A75: main (readelf.c:395)
> 
> I am staring at the code, but don't immediately see which mistake I
> made.  Maybe I should use d_val instead of d_ptr (but those are both
> uint64_t so that shouldn't really matter).

Doh. Even though memchr searches backwards, it takes the start of the
buffer instead of the end of the buffer as argument. Fixed as
attached, also cleaned up the use of d_val vs d_ptr. Pushed after
verifying with a try- build that it really fixes the issue.

Cheers,

Mark

[-- Attachment #2: 0001-readelf-memrchr-searches-backwards-but-takes-the-sta.patch --]
[-- Type: text/x-diff, Size: 1708 bytes --]

From d0ff4e224738adf34eba38dc33ffda67e5da6634 Mon Sep 17 00:00:00 2001
From: Mark Wielaard <mark@klomp.org>
Date: Mon, 1 Aug 2022 02:02:16 +0200
Subject: [PATCH] readelf: memrchr searches backwards but takes the start buf
 as argument

The bug (caught by valgrind) was giving memrchr to end of the buffer.

Also as cleanup, Use d_val not d_ptr for calculating offset.
---
 src/ChangeLog | 5 +++++
 src/readelf.c | 8 ++++----
 2 files changed, 9 insertions(+), 4 deletions(-)

diff --git a/src/ChangeLog b/src/ChangeLog
index db20a6ef..42ce6640 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2022-08-01  Mark Wielaard  <mark@klomp.org>
+
+	* readelf.c (handle_dynamic): Pass start of buffer to memrchr.
+	Use dyn->d_un.d_val for offsets instead of d_ptr.
+
 2022-04-28  Di Chen  <dichen@redhat.com>
 
 	* readelf.c (options): Add use-dynamic 'D'.
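Review bot: The entry "Pass start of buffer to memrchr" reads as if d_buf itself were passed, while the readelf.c change in this patch passes `strtab_data->d_buf + dyn->d_un.d_val`, the start of the range to search. Wording it as "Pass start of the search range to memrchr" would keep the ChangeLog in line with the code.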
diff --git a/src/readelf.c b/src/readelf.c
index f4d973da..f1f77ce8 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -1905,10 +1905,10 @@ handle_dynamic (Ebl *ebl, Elf_Scn *scn, GElf_Shdr *shdr, GElf_Phdr *phdr)
 	{
 	  if (! use_dynamic_segment)
 	    name = elf_strptr (ebl->elf, shdr->sh_link, dyn->d_un.d_val);
-	  else if (dyn->d_un.d_ptr < strtab_data->d_size
-		   && memrchr (strtab_data->d_buf + strtab_data->d_size - 1, '\0',
-			       strtab_data->d_size - 1 - dyn->d_un.d_ptr) != NULL)
-	    name = ((char *) strtab_data->d_buf) + dyn->d_un.d_ptr;
+	  else if (dyn->d_un.d_val < strtab_data->d_size
+		   && memrchr (strtab_data->d_buf + dyn->d_un.d_val, '\0',
+			       strtab_data->d_size - 1 - dyn->d_un.d_val) != NULL)
+	    name = ((char *) strtab_data->d_buf) + dyn->d_un.d_val;
 	}
 
       switch (dyn->d_tag)
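Review bot: In the new memrchr call, the length `strtab_data->d_size - 1 - dyn->d_un.d_val` ends the search one byte before the end of the buffer, so a name whose only terminating NUL is the last byte of the string table fails the check and `name` is not assigned in this branch. `strtab_data->d_size - dyn->d_un.d_val` would cover the whole remaining range and stays in bounds given the `d_val < d_size` test on the line above. Since only the existence of a NUL matters here, memchr would express the same check without the start-versus-end question this patch fixes. The memrchr argument also does arithmetic on `strtab_data->d_buf` without the `(char *)` cast used on the assignment line, which relies on the GNU void-pointer arithmetic extension if d_buf is a `void *`.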
-- 
2.30.2
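
The memrchr calling convention discussed in the message above, as an added example that is not part of the original message or of elfutils: it computes which table offsets the removed and the added call would scan, and shows a bounded string-table lookup. The names `scan_end`, `old_call_scan_end`, `new_call_scan_end`, `strtab_name` and `sample_table` are hypothetical, and the sample table is constructed.

```c
#define _GNU_SOURCE /* memrchr is a GNU extension in <string.h> */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Explicit prototype in case <string.h> was included earlier without
   _GNU_SOURCE; it matches the libc declaration. */
void *memrchr(const void *s, int c, size_t n);

/* memrchr(s, c, n) examines s[0] .. s[n-1], starting at s[n-1] and moving
   down. With s = table + start the scan covers table offsets
   [start, start + n); this returns the exclusive end of that range. */
static size_t scan_end(size_t start, size_t n) { return start + n; }

/* Arguments of the call removed by the patch (s = d_buf + d_size - 1).
   Requires off < size. */
static size_t old_call_scan_end(size_t size, size_t off)
{
    return scan_end(size - 1, size - 1 - off);
}

/* Arguments of the call added by the patch (s = d_buf + d_val).
   Requires off < size. */
static size_t new_call_scan_end(size_t size, size_t off)
{
    return scan_end(off, size - 1 - off);
}

/* Hypothetical helper (not an elfutils function): return the string at
   `off` only if a NUL terminates it inside the table. It searches
   [off, size), so the table's final byte counts as a terminator. */
static const char *strtab_name(const void *table, size_t size, size_t off)
{
    const char *base = table;
    if (off >= size)
        return NULL;
    return memrchr(base + off, '\0', size - off) != NULL ? base + off : NULL;
}

/* Constructed sample string table: 21 bytes, names at offsets 1 and 11. */
static const char sample_table[] = "\0libc.so.6\0libm.so.6";

int main(void)
{
    size_t size = sizeof sample_table;
    printf("old call scans up to offset %zu of %zu\n", old_call_scan_end(size, 1), size);
    printf("new call scans up to offset %zu of %zu\n", new_call_scan_end(size, 1), size);
    printf("name at 11: %s\n", strtab_name(sample_table, size, 11));
    return 0;
}
```

A scan end larger than the table size means the call reads memory outside the buffer, which is the kind of access the Valgrind report in the quoted message flags.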

