From: Ian Lance Taylor <iant@golang.org>
To: Tom de Vries <tdevries@suse.de>
Cc: gcc-patches <gcc-patches@gcc.gnu.org>
Subject: libbacktrace patch RFC: check size passed to backtrace_get_view
Date: Fri, 18 Jan 2019 15:40:00 -0000
Message-ID: <CAKOQZ8xKWT4AcGVXG-=brvvgE_oXmwtzO8+uRm+ax-4SDtrSZg@mail.gmail.com>
[-- Attachment #1: Type: text/plain, Size: 520 bytes --]
I agree that checking the size passed to backtrace_get_view seems like
the most reliable approach to avoid problems with large files on
32-bit systems. How does this patch look?
Ian
2019-01-18 Ian Lance Taylor <iant@golang.org>
PR libbacktrace/88890
* mmapio.c (backtrace_get_view): Change size parameter to
uint64_t. Check that value fits in size_t.
* read.c (backtrace_get_view): Likewise.
* internal.h (backtrace_get_view): Update declaration.
* elf.c (elf_add): Pass shstrhdr->sh_size to backtrace_get_view.
[-- Attachment #2: patch.txt --]
[-- Type: text/plain, Size: 2553 bytes --]
Index: elf.c
===================================================================
--- elf.c (revision 268078)
+++ elf.c (working copy)
@@ -2813,7 +2813,7 @@ elf_add (struct backtrace_state *state,
shstr_size = shstrhdr->sh_size;
shstr_off = shstrhdr->sh_offset;
- if (!backtrace_get_view (state, descriptor, shstr_off, shstr_size,
+ if (!backtrace_get_view (state, descriptor, shstr_off, shstrhdr->sh_size,
error_callback, data, &names_view))
goto fail;
names_view_valid = 1;
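Review bot: at the backtrace_get_view call, nothing explains why shstrhdr->sh_size is passed when the local shstr_size is still assigned from the same field two lines above. A short comment at the call, saying the header field is passed so that the callee sees the full-width value and can range-check it, would stop a later cleanup from switching it back to shstr_size. The ChangeLog lists only this call site in elf_add; any other caller that copies a section size into a narrower local before calling backtrace_get_view would still bypass the new check, so those are worth auditing in the same change.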
Index: internal.h
===================================================================
--- internal.h (revision 268078)
+++ internal.h (working copy)
@@ -179,7 +179,7 @@ struct backtrace_view
/* Create a view of SIZE bytes from DESCRIPTOR at OFFSET. Store the
result in *VIEW. Returns 1 on success, 0 on error. */
extern int backtrace_get_view (struct backtrace_state *state, int descriptor,
- off_t offset, size_t size,
+ off_t offset, uint64_t size,
backtrace_error_callback error_callback,
void *data, struct backtrace_view *view);
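Review bot: the comment above the declaration still reads only "Returns 1 on success, 0 on error" and does not say that SIZE is now a uint64_t which is rejected when it does not fit in size_t. Documenting that here tells callers they should pass the unnarrowed on-disk value and let this function do the range check. Since this hunk introduces uint64_t into the header, also confirm that a definition of it is in scope before this declaration.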
Index: mmapio.c
===================================================================
--- mmapio.c (revision 268078)
+++ mmapio.c (working copy)
@@ -51,7 +51,7 @@ POSSIBILITY OF SUCH DAMAGE. */
int
backtrace_get_view (struct backtrace_state *state ATTRIBUTE_UNUSED,
- int descriptor, off_t offset, size_t size,
+ int descriptor, off_t offset, uint64_t size,
backtrace_error_callback error_callback,
void *data, struct backtrace_view *view)
{
@@ -60,6 +60,12 @@ backtrace_get_view (struct backtrace_sta
off_t pageoff;
void *map;
+ if ((uint64_t) (size_t) size != size)
+ {
+ error_callback (data, "file size too large", 0);
+ return 0;
+ }
+
pagesize = getpagesize ();
inpage = offset % pagesize;
pageoff = offset - inpage;
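Review bot: the message "file size too large" in the new check is misleading, because the value tested is the size of the requested view, not the size of the file. Something like "view size too large" would point whoever reads the error at the right quantity. The check also covers size on its own; the lines that follow compute inpage from offset, so if the mapped length is later formed as size plus inpage, that sum needs the same range check to avoid wrapping when size is close to the size_t maximum.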
Index: read.c
===================================================================
--- read.c (revision 268078)
+++ read.c (working copy)
@@ -46,12 +46,18 @@ POSSIBILITY OF SUCH DAMAGE. */
int
backtrace_get_view (struct backtrace_state *state, int descriptor,
- off_t offset, size_t size,
+ off_t offset, uint64_t size,
backtrace_error_callback error_callback,
void *data, struct backtrace_view *view)
{
ssize_t got;
+ if ((uint64_t) (size_t) size != size)
+ {
+ error_callback (data, "file size too large", 0);
+ return 0;
+ }
+
if (lseek (descriptor, offset, SEEK_SET) < 0)
{
error_callback (data, "lseek", errno);
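Review bot: the range check added at the top of this function is a verbatim copy of the one in mmapio.c, including the error string, so the two can drift apart. A small shared helper or macro in internal.h would keep the test and the message in one place. Separately, the result variable here is declared as `ssize_t got;`, so a size that fits in size_t but exceeds the ssize_t maximum passes this check yet cannot be represented in got; if got is later compared against size, consider tightening the bound in this file.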