public inbox for gcc-patches@gcc.gnu.org
* [PATCH] libsanitizer: fix SIGSEGV in fopen64 interceptor
@ 2020-11-19 11:28 ` Slava Barinov
  2020-11-19 16:41   ` Martin Liška
  0 siblings, 1 reply; 4+ messages in thread
From: Slava Barinov @ 2020-11-19 11:28 UTC (permalink / raw)
  To: gcc-patches; +Cc: Slava Barinov

Null pointer in path argument leads to SIGSEGV in interceptor.

libsanitizer/ChangeLog:
        * sanitizer_common/sanitizer_common_interceptors.inc: Check
	path for null before dereference in fopen64 interceptor.
---

Notes:
    Apparently check has been lost during merge from upstream

 libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
index 729eead43c0..2ef23d9a50b 100644
--- a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
@@ -6081,7 +6081,7 @@ INTERCEPTOR(__sanitizer_FILE *, freopen, const char *path, const char *mode,
 INTERCEPTOR(__sanitizer_FILE *, fopen64, const char *path, const char *mode) {
   void *ctx;
   COMMON_INTERCEPTOR_ENTER(ctx, fopen64, path, mode);
-  COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
+  if (path) COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
   COMMON_INTERCEPTOR_READ_RANGE(ctx, mode, REAL(strlen)(mode) + 1);
   __sanitizer_FILE *res = REAL(fopen64)(path, mode);
   COMMON_INTERCEPTOR_FILE_OPEN(ctx, res, path);
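
Review bot: The null guard on the `+` line covers only `path`; the very next
line still calls `REAL(strlen)(mode)` unguarded, so a null `mode` would fault
inside the interceptor in the same way. Consider guarding it too, e.g.
`if (mode) COMMON_INTERCEPTOR_READ_RANGE(ctx, mode, REAL(strlen)(mode) + 1);`.
The possibly-null `path` is also still passed to
`COMMON_INTERCEPTOR_FILE_OPEN(ctx, res, path)` on the last context line, so it
is worth confirming that hook tolerates a null pointer.
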
-- 
2.29.2



* Re: [PATCH] libsanitizer: fix SIGSEGV in fopen64 interceptor
  2020-11-19 11:28 ` [PATCH] libsanitizer: fix SIGSEGV in fopen64 interceptor Slava Barinov
@ 2020-11-19 16:41   ` Martin Liška
  2020-11-20  7:44     ` Vyacheslav Barinov
  0 siblings, 1 reply; 4+ messages in thread
From: Martin Liška @ 2020-11-19 16:41 UTC (permalink / raw)
  To: Slava Barinov, gcc-patches

On 11/19/20 12:28 PM, Slava Barinov via Gcc-patches wrote:
> Null pointer in path argument leads to SIGSEGV in interceptor.

Hello.

I can't see we ever had the null check in master. I don't think it was lost
during a merge from master.

Why do we need the hunk?
Thanks,
Martin

> 
> libsanitizer/ChangeLog:
>          * sanitizer_common/sanitizer_common_interceptors.inc: Check
> 	path for null before dereference in fopen64 interceptor.
> ---
> 
> Notes:
>      Apparently check has been lost during merge from upstream
> 
>   libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc | 2 +-
>   1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
> index 729eead43c0..2ef23d9a50b 100644
> --- a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
> +++ b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
> @@ -6081,7 +6081,7 @@ INTERCEPTOR(__sanitizer_FILE *, freopen, const char *path, const char *mode,
>   INTERCEPTOR(__sanitizer_FILE *, fopen64, const char *path, const char *mode) {
>     void *ctx;
>     COMMON_INTERCEPTOR_ENTER(ctx, fopen64, path, mode);
> -  COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
> +  if (path) COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
>     COMMON_INTERCEPTOR_READ_RANGE(ctx, mode, REAL(strlen)(mode) + 1);
>     __sanitizer_FILE *res = REAL(fopen64)(path, mode);
>     COMMON_INTERCEPTOR_FILE_OPEN(ctx, res, path);
> 
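
Review bot: The `if (path)` guard on the `+` line arrives with no reproducer
or test (the diffstat is one file, one line), and the null `path` is still
handed to `REAL(fopen64)(path, mode)` two lines later, so the outcome then
depends on the libc. A small sanitizer test that calls fopen64 with a null
path and checks that the call returns without the interceptor faulting would
document why the guard is needed and keep it from being dropped in a later
merge.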



* Re: [PATCH] libsanitizer: fix SIGSEGV in fopen64 interceptor
  2020-11-19 16:41   ` Martin Liška
@ 2020-11-20  7:44     ` Vyacheslav Barinov
  2020-11-20  7:47       ` Martin Liška
  0 siblings, 1 reply; 4+ messages in thread
From: Vyacheslav Barinov @ 2020-11-20  7:44 UTC (permalink / raw)
  To: Martin Liška; +Cc: gcc-patches

Hello,

Okay, I proposed this check to upstream [1] and it has already been
accepted. We can either apply the fix or postpone it until next sync with
upstream.

Anyway the bug doesn't seem so bad if we were the only team who faced it during
all this time.

Best Regards,
Vyacheslav Barinov

[1]: https://reviews.llvm.org/D91782

Martin Liška <mliska@suse.cz> writes:

> On 11/19/20 12:28 PM, Slava Barinov via Gcc-patches wrote:
>> Null pointer in path argument leads to SIGSEGV in interceptor.
>
> Hello.
>
> I can't see we ever had the null check in master. I don't think it was lost
> during a merge from master.
>
> Why do we need the hunk?
> Thanks,
> Martin
>
>> libsanitizer/ChangeLog:
>>          * sanitizer_common/sanitizer_common_interceptors.inc: Check
>> 	path for null before dereference in fopen64 interceptor.
>> ---
>> Notes:
>>      Apparently check has been lost during merge from upstream
>>   libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>> diff --git a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>> b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>> index 729eead43c0..2ef23d9a50b 100644
>> --- a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>> +++ b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>> @@ -6081,7 +6081,7 @@ INTERCEPTOR(__sanitizer_FILE *, freopen, const char *path, const char *mode,
>>   INTERCEPTOR(__sanitizer_FILE *, fopen64, const char *path, const char *mode) {
>>     void *ctx;
>>     COMMON_INTERCEPTOR_ENTER(ctx, fopen64, path, mode);
>> -  COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
>> +  if (path) COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
>>     COMMON_INTERCEPTOR_READ_RANGE(ctx, mode, REAL(strlen)(mode) + 1);
>>     __sanitizer_FILE *res = REAL(fopen64)(path, mode);
>>     COMMON_INTERCEPTOR_FILE_OPEN(ctx, res, path);
>> 



* Re: [PATCH] libsanitizer: fix SIGSEGV in fopen64 interceptor
  2020-11-20  7:44     ` Vyacheslav Barinov
@ 2020-11-20  7:47       ` Martin Liška
  0 siblings, 0 replies; 4+ messages in thread
From: Martin Liška @ 2020-11-20  7:47 UTC (permalink / raw)
  To: Vyacheslav Barinov; +Cc: gcc-patches

On 11/20/20 8:44 AM, Vyacheslav Barinov wrote:
> Hello,
> 
> Okay, I proposed this check to upstream [1] and it has already been
> accepted.

Hello.

Great. Please commit it to the llvm-project upstream and I'll then
cherry-pick the patch.

> We can either apply the fix or postpone it until next sync with
> upstream.
> 
> Anyway the bug doesn't seem so bad if we were the only team who faced it during
> all this time.

I see! But we still want to cherry-pick it.

Thanks,
Martin

> 
> Best Regards,
> Vyacheslav Barinov
> 
> [1]: https://reviews.llvm.org/D91782
> 
> Martin Liška <mliska@suse.cz> writes:
> 
>> On 11/19/20 12:28 PM, Slava Barinov via Gcc-patches wrote:
>>> Null pointer in path argument leads to SIGSEGV in interceptor.
>>
>> Hello.
>>
>> I can't see we ever had the null check in master. I don't think it was lost
>> during a merge from master.
>>
>> Why do we need the hunk?
>> Thanks,
>> Martin
>>
>>> libsanitizer/ChangeLog:
>>>           * sanitizer_common/sanitizer_common_interceptors.inc: Check
>>> 	path for null before dereference in fopen64 interceptor.
>>> ---
>>> Notes:
>>>       Apparently check has been lost during merge from upstream
>>>    libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc | 2 +-
>>>    1 file changed, 1 insertion(+), 1 deletion(-)
>>> diff --git a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>>> b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>>> index 729eead43c0..2ef23d9a50b 100644
>>> --- a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>>> +++ b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
>>> @@ -6081,7 +6081,7 @@ INTERCEPTOR(__sanitizer_FILE *, freopen, const char *path, const char *mode,
>>>    INTERCEPTOR(__sanitizer_FILE *, fopen64, const char *path, const char *mode) {
>>>      void *ctx;
>>>      COMMON_INTERCEPTOR_ENTER(ctx, fopen64, path, mode);
>>> -  COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
>>> +  if (path) COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
>>>      COMMON_INTERCEPTOR_READ_RANGE(ctx, mode, REAL(strlen)(mode) + 1);
>>>      __sanitizer_FILE *res = REAL(fopen64)(path, mode);
>>>      COMMON_INTERCEPTOR_FILE_OPEN(ctx, res, path);
>>>
> 

