libbacktrace patch RFC: check size passed to backtrace_get_view

public inbox for gcc-patches@gcc.gnu.org
 help / color / mirror / Atom feed

From: Ian Lance Taylor <iant@golang.org>
To: Tom de Vries <tdevries@suse.de>
Cc: gcc-patches <gcc-patches@gcc.gnu.org>
Subject: libbacktrace patch RFC: check size passed to backtrace_get_view
Date: Fri, 18 Jan 2019 15:40:00 -0000	[thread overview]
Message-ID: <CAKOQZ8xKWT4AcGVXG-=brvvgE_oXmwtzO8+uRm+ax-4SDtrSZg@mail.gmail.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 520 bytes --]

I agree that checking the size passed to backtrace_get_view seems like
the most reliable approach to avoid problems with large files on
32-bit systems.  How does this patch look?

Ian


2019-01-18  Ian Lance Taylor  <iant@golang.org>

PR libbacktrace/88890
* mmapio.c (backtrace_get_view): Change size parameter to
uint64_t.  Check that value fits in size_t.
* read.c (backtrace_get_view): Likewise.
* internal.h (backtrace_get_view): Update declaration.
* elf.c (elf_add): Pass shstrhdr->sh_size to backtrace_get_view.

[-- Attachment #2: patch.txt --]
[-- Type: text/plain, Size: 2553 bytes --]

Index: elf.c
===================================================================
--- elf.c	(revision 268078)
+++ elf.c	(working copy)
@@ -2813,7 +2813,7 @@ elf_add (struct backtrace_state *state,
   shstr_size = shstrhdr->sh_size;
   shstr_off = shstrhdr->sh_offset;
 
-  if (!backtrace_get_view (state, descriptor, shstr_off, shstr_size,
+  if (!backtrace_get_view (state, descriptor, shstr_off, shstrhdr->sh_size,
 			   error_callback, data, &names_view))
     goto fail;
   names_view_valid = 1;
Index: internal.h
===================================================================
--- internal.h	(revision 268078)
+++ internal.h	(working copy)
@@ -179,7 +179,7 @@ struct backtrace_view
 /* Create a view of SIZE bytes from DESCRIPTOR at OFFSET.  Store the
    result in *VIEW.  Returns 1 on success, 0 on error.  */
 extern int backtrace_get_view (struct backtrace_state *state, int descriptor,
-			       off_t offset, size_t size,
+			       off_t offset, uint64_t size,
 			       backtrace_error_callback error_callback,
 			       void *data, struct backtrace_view *view);
 
Index: mmapio.c
===================================================================
--- mmapio.c	(revision 268078)
+++ mmapio.c	(working copy)
@@ -51,7 +51,7 @@ POSSIBILITY OF SUCH DAMAGE.  */
 
 int
 backtrace_get_view (struct backtrace_state *state ATTRIBUTE_UNUSED,
-		    int descriptor, off_t offset, size_t size,
+		    int descriptor, off_t offset, uint64_t size,
 		    backtrace_error_callback error_callback,
 		    void *data, struct backtrace_view *view)
 {
@@ -60,6 +60,12 @@ backtrace_get_view (struct backtrace_sta
   off_t pageoff;
   void *map;
 
+  if ((uint64_t) (size_t) size != size)
+    {
+      error_callback (data, "file size too large", 0);
+      return 0;
+    }
+
   pagesize = getpagesize ();
   inpage = offset % pagesize;
   pageoff = offset - inpage;
Index: read.c
===================================================================
--- read.c	(revision 268078)
+++ read.c	(working copy)
@@ -46,12 +46,18 @@ POSSIBILITY OF SUCH DAMAGE.  */
 
 int
 backtrace_get_view (struct backtrace_state *state, int descriptor,
-		    off_t offset, size_t size,
+		    off_t offset, uint64_t size,
 		    backtrace_error_callback error_callback,
 		    void *data, struct backtrace_view *view)
 {
   ssize_t got;
 
+  if ((uint64_t) (size_t) size != size)
+    {
+      error_callback (data, "file size too large", 0);
+      return 0;
+    }
+
   if (lseek (descriptor, offset, SEEK_SET) < 0)
     {
       error_callback (data, "lseek", errno);

next             reply	other threads:[~2019-01-18 15:40 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-01-18 15:40 Ian Lance Taylor [this message]
2019-01-18 16:18 ` Tom de Vries
2019-01-18 17:16   ` Ian Lance Taylor

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CAKOQZ8xKWT4AcGVXG-=brvvgE_oXmwtzO8+uRm+ax-4SDtrSZg@mail.gmail.com' \
    --to=iant@golang.org \
    --cc=gcc-patches@gcc.gnu.org \
    --cc=tdevries@suse.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).