From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qt1-x844.google.com (mail-qt1-x844.google.com [IPv6:2607:f8b0:4864:20::844]) by sourceware.org (Postfix) with ESMTPS id 9BDA83972023 for ; Thu, 26 Nov 2020 20:37:17 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.3.2 sourceware.org 9BDA83972023 Received: by mail-qt1-x844.google.com with SMTP id z3so1906126qtw.9 for ; Thu, 26 Nov 2020 12:37:17 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:to:cc:references:from:autocrypt:subject :message-id:date:user-agent:mime-version:in-reply-to :content-language:content-transfer-encoding; bh=F+OrHrGLG11viLMJFW2i5WmMfSSPniBOoRoJVnNccRU=; b=VVjfiQ5hpEJOzUgjGwsL4FDMXPb0gwJa3JZgvcRvGjcXV+iVHz+/zW2ipKRvtUrq3y Evc2PfHZIoAObympIhJmr2DWxjzxYxE/+Lx0JbgNSZIW0flO0bdd/LIeClQ+FKlSdvlz BI//Qj2gVF0y9W/bTYNUiLBjFWMRMHEzBGS7kyJEzRYforXTMtRB0ZaMkLnvWKHJO2Bk OF12z4PP9d+2QEzsNKyx9uS9LXt3GBEfZucgDtT4/YzCcv5NRqEPhh36Fa714kHYUU+7 96dsvAyqwo3jdIAnWOWCKJNFJjW0bAaiVhMaH8p5nfljTf/gRDYpTM1Ce6aWPTanbhmK eB7w== X-Gm-Message-State: AOAM531sRNtvhpIn8LnCOYNZnjShdE+7LJDUn3biC3I/xJXI4AIWPo3P X9+TF7r9N365jjzD4UB1ShnuRw== X-Google-Smtp-Source: ABdhPJyuVEq3IomVCtWHZen2/5D3zmZui9ACmhdammF0P9/TZs2mdl7g9dh1unYgGJNi5PhUiKwlFg== X-Received: by 2002:ac8:7a70:: with SMTP id w16mr4878181qtt.61.1606423037167; Thu, 26 Nov 2020 12:37:17 -0800 (PST) Received: from [192.168.1.4] ([177.194.48.209]) by smtp.googlemail.com with ESMTPSA id z125sm3670727qke.18.2020.11.26.12.37.14 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128); Thu, 26 Nov 2020 12:37:16 -0800 (PST) To: Xiaoming Ni , eggert@cs.ucla.edu, libc-alpha@sourceware.org, carlos@redhat.com, glibc-bugs@sourceware.org, drepper.fsp@gmail.com, unassigned@sourceware.org Cc: wangle6@huawei.com References: <20201126030634.52822-1-nixiaoming@huawei.com> From: Adhemerval Zanella Autocrypt: addr=adhemerval.zanella@linaro.org; prefer-encrypt=mutual; keydata= mQINBFcVGkoBEADiQU2x/cBBmAVf5C2d1xgz6zCnlCefbqaflUBw4hB/bEME40QsrVzWZ5Nq 8kxkEczZzAOKkkvv4pRVLlLn/zDtFXhlcvQRJ3yFMGqzBjofucOrmdYkOGo0uCaoJKPT186L NWp53SACXguFJpnw4ODI64ziInzXQs/rUJqrFoVIlrPDmNv/LUv1OVPKz20ETjgfpg8MNwG6 iMizMefCl+RbtXbIEZ3TE/IaDT/jcOirjv96lBKrc/pAL0h/O71Kwbbp43fimW80GhjiaN2y WGByepnkAVP7FyNarhdDpJhoDmUk9yfwNuIuESaCQtfd3vgKKuo6grcKZ8bHy7IXX1XJj2X/ BgRVhVgMHAnDPFIkXtP+SiarkUaLjGzCz7XkUn4XAGDskBNfbizFqYUQCaL2FdbW3DeZqNIa nSzKAZK7Dm9+0VVSRZXP89w71Y7JUV56xL/PlOE+YKKFdEw+gQjQi0e+DZILAtFjJLoCrkEX w4LluMhYX/X8XP6/C3xW0yOZhvHYyn72sV4yJ1uyc/qz3OY32CRy+bwPzAMAkhdwcORA3JPb kPTlimhQqVgvca8m+MQ/JFZ6D+K7QPyvEv7bQ7M+IzFmTkOCwCJ3xqOD6GjX3aphk8Sr0dq3 4Awlf5xFDAG8dn8Uuutb7naGBd/fEv6t8dfkNyzj6yvc4jpVxwARAQABtElBZGhlbWVydmFs IFphbmVsbGEgTmV0dG8gKExpbmFybyBWUE4gS2V5KSA8YWRoZW1lcnZhbC56YW5lbGxhQGxp bmFyby5vcmc+iQI3BBMBCAAhBQJXFRpKAhsDBQsJCAcDBRUKCQgLBRYCAwEAAh4BAheAAAoJ EKqx7BSnlIjv0e8P/1YOYoNkvJ+AJcNUaM5a2SA9oAKjSJ/M/EN4Id5Ow41ZJS4lUA0apSXW NjQg3VeVc2RiHab2LIB4MxdJhaWTuzfLkYnBeoy4u6njYcaoSwf3g9dSsvsl3mhtuzm6aXFH /Qsauav77enJh99tI4T+58rp0EuLhDsQbnBic/ukYNv7sQV8dy9KxA54yLnYUFqH6pfH8Lly sTVAMyi5Fg5O5/hVV+Z0Kpr+ZocC1YFJkTsNLAW5EIYSP9ftniqaVsim7MNmodv/zqK0IyDB GLLH1kjhvb5+6ySGlWbMTomt/or/uvMgulz0bRS+LUyOmlfXDdT+t38VPKBBVwFMarNuREU2 69M3a3jdTfScboDd2ck1u7l+QbaGoHZQ8ZNUrzgObltjohiIsazqkgYDQzXIMrD9H19E+8fw kCNUlXxjEgH/Kg8DlpoYJXSJCX0fjMWfXywL6ZXc2xyG/hbl5hvsLNmqDpLpc1CfKcA0BkK+ k8R57fr91mTCppSwwKJYO9T+8J+o4ho/CJnK/jBy1pWKMYJPvvrpdBCWq3MfzVpXYdahRKHI ypk8m4QlRlbOXWJ3TDd/SKNfSSrWgwRSg7XCjSlR7PNzNFXTULLB34sZhjrN6Q8NQZsZnMNs TX8nlGOVrKolnQPjKCLwCyu8PhllU8OwbSMKskcD1PSkG6h3r0AquQINBFcVGkoBEACgAdbR Ck+fsfOVwT8zowMiL3l9a2DP3Eeak23ifdZG+8Avb/SImpv0UMSbRfnw/N81IWwlbjkjbGTu oT37iZHLRwYUFmA8fZX0wNDNKQUUTjN6XalJmvhdz9l71H3WnE0wneEM5ahu5V1L1utUWTyh VUwzX1lwJeV3vyrNgI1kYOaeuNVvq7npNR6t6XxEpqPsNc6O77I12XELic2+36YibyqlTJIQ V1SZEbIy26AbC2zH9WqaKyGyQnr/IPbTJ2Lv0dM3RaXoVf+CeK7gB2B+w1hZummD21c1Laua +VIMPCUQ+EM8W9EtX+0iJXxI+wsztLT6vltQcm+5Q7tY+HFUucizJkAOAz98YFucwKefbkTp eKvCfCwiM1bGatZEFFKIlvJ2QNMQNiUrqJBlW9nZp/k7pbG3oStOjvawD9ZbP9e0fnlWJIsj 6c7pX354Yi7kxIk/6gREidHLLqEb/otuwt1aoMPg97iUgDV5mlNef77lWE8vxmlY0FBWIXuZ yv0XYxf1WF6dRizwFFbxvUZzIJp3spAao7jLsQj1DbD2s5+S1BW09A0mI/1DjB6EhNN+4bDB SJCOv/ReK3tFJXuj/HbyDrOdoMt8aIFbe7YFLEExHpSk+HgN05Lg5TyTro8oW7TSMTk+8a5M kzaH4UGXTTBDP/g5cfL3RFPl79ubXwARAQABiQIfBBgBCAAJBQJXFRpKAhsMAAoJEKqx7BSn lIjvI/8P/jg0jl4Tbvg3B5kT6PxJOXHYu9OoyaHLcay6Cd+ZrOd1VQQCbOcgLFbf4Yr+rE9l mYsY67AUgq2QKmVVbn9pjvGsEaz8UmfDnz5epUhDxC6yRRvY4hreMXZhPZ1pbMa6A0a/WOSt AgFj5V6Z4dXGTM/lNManr0HjXxbUYv2WfbNt3/07Db9T+GZkpUotC6iknsTA4rJi6u2ls0W9 1UIvW4o01vb4nZRCj4rni0g6eWoQCGoVDk/xFfy7ZliR5B+3Z3EWRJcQskip/QAHjbLa3pml xAZ484fVxgeESOoaeC9TiBIp0NfH8akWOI0HpBCiBD5xaCTvR7ujUWMvhsX2n881r/hNlR9g fcE6q00qHSPAEgGr1bnFv74/1vbKtjeXLCcRKk3Ulw0bY1OoDxWQr86T2fZGJ/HIZuVVBf3+ gaYJF92GXFynHnea14nFFuFgOni0Mi1zDxYH/8yGGBXvo14KWd8JOW0NJPaCDFJkdS5hu0VY 7vJwKcyHJGxsCLU+Et0mryX8qZwqibJIzu7kUJQdQDljbRPDFd/xmGUFCQiQAncSilYOcxNU EMVCXPAQTteqkvA+gNqSaK1NM9tY0eQ4iJpo+aoX8HAcn4sZzt2pfUB9vQMTBJ2d4+m/qO6+ cFTAceXmIoFsN8+gFN3i8Is3u12u8xGudcBPvpoy4OoG Subject: Re: [PATCH v5] io:nftw/ftw:fix stack overflow when large nopenfd [BZ #26353] Message-ID: <509d90c5-d9b8-f941-a2e7-842bacbc8892@linaro.org> Date: Thu, 26 Nov 2020 17:37:12 -0300 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:68.0) Gecko/20100101 Thunderbird/68.10.0 MIME-Version: 1.0 In-Reply-To: <20201126030634.52822-1-nixiaoming@huawei.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-US Content-Transfer-Encoding: 8bit X-Spam-Status: No, score=-14.1 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, KAM_SHORT, NICE_REPLY_A, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.2 X-Spam-Checker-Version: SpamAssassin 3.4.2 (2018-09-13) on server2.sourceware.org X-BeenThere: glibc-bugs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Glibc-bugs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 26 Nov 2020 20:37:19 -0000 On 26/11/2020 00:06, Xiaoming Ni wrote: > In ftw_startup(), call alloca to apply for a large amount of stack space. > When descriptors is very large, stack overflow is triggered. BZ #26353 > > Replace the memory application of data.dirstreams from alloca() to malloc() > by referring to the memory application of data.dirbuf in the current function. > Combine the memory allocation of data.dirbuf and data.dirstreams according > to the advice of Adhemerval Zanella. > > ------------------- > v5: > Based on Adhemerval Zanella's review comments, > Use TEST_COMPARE to replace some code for checking return values in testcase. > > v4: https://public-inbox.org/libc-alpha/20201125100659.30923-1-nixiaoming@huawei.com/ > Based on Adhemerval Zanella's review comments, > use support_capture_subprocess_check() to rewrite testcase. > > v3: https://public-inbox.org/libc-alpha/20201124131652.111854-1-nixiaoming@huawei.com/ > Combine the memory allocation of data.dirbuf and data.dirstreams, > according to the advice of Adhemerval Zanella. > remove the upper limit check of descriptors. > > v2: https://public-inbox.org/libc-alpha/20200815070851.46403-1-nixiaoming@huawei.com/ > not set errno after malloc fails. > add check ftw return value on testcase. > add more testcase. > > v1: https://public-inbox.org/libc-alpha/20200808084640.49174-1-nixiaoming@huawei.com/ LGTM, I have pushed it with some minor changes below. Reviewed-by: Adhemerval Zanella > --- > io/Makefile | 3 +- > io/ftw.c | 16 +++++----- > io/tst-bz26353.c | 76 ++++++++++++++++++++++++++++++++++++++++++++++++ > 3 files changed, 87 insertions(+), 8 deletions(-) > create mode 100644 io/tst-bz26353.c > > diff --git a/io/Makefile b/io/Makefile > index 6dd2c33fcf..7845d07f45 100644 > --- a/io/Makefile > +++ b/io/Makefile > @@ -68,7 +68,8 @@ tests := test-utime test-stat test-stat2 test-lfs tst-getcwd \ > tst-posix_fallocate tst-posix_fallocate64 \ > tst-fts tst-fts-lfs tst-open-tmpfile \ > tst-copy_file_range tst-getcwd-abspath tst-lockf \ > - tst-ftw-lnk tst-file_change_detection tst-lchmod > + tst-ftw-lnk tst-file_change_detection tst-lchmod \ > + tst-bz26353 > I renamed the new test to tst-ftw-bz26353 > # Likewise for statx, but we do not need static linking here. > tests-internal += tst-statx > diff --git a/io/ftw.c b/io/ftw.c > index 7104816e85..92e08c5431 100644 > --- a/io/ftw.c > +++ b/io/ftw.c > @@ -646,15 +646,17 @@ ftw_startup (const char *dir, int is_nftw, void *func, int descriptors, > > data.maxdir = descriptors < 1 ? 1 : descriptors; > data.actdir = 0; > - data.dirstreams = (struct dir_data **) alloca (data.maxdir > - * sizeof (struct dir_data *)); > - memset (data.dirstreams, '\0', data.maxdir * sizeof (struct dir_data *)); > - > /* PATH_MAX is always defined when we get here. */ > data.dirbufsize = MAX (2 * strlen (dir), PATH_MAX); > - data.dirbuf = (char *) malloc (data.dirbufsize); > - if (data.dirbuf == NULL) > + data.dirstreams = malloc (data.maxdir * sizeof (struct dir_data *) > + + data.dirbufsize); > + if (data.dirstreams == NULL) > return -1; > + > + memset (data.dirstreams, '\0', data.maxdir * sizeof (struct dir_data *)); > + > + data.dirbuf = (char *) data.dirstreams > + + data.maxdir * sizeof (struct dir_data *); > cp = __stpcpy (data.dirbuf, dir); > /* Strip trailing slashes. */ > while (cp > data.dirbuf + 1 && cp[-1] == '/') > @@ -803,7 +805,7 @@ ftw_startup (const char *dir, int is_nftw, void *func, int descriptors, > out_fail: > save_err = errno; > __tdestroy (data.known_objects, free); > - free (data.dirbuf); > + free (data.dirstreams); > __set_errno (save_err); > > return result; > diff --git a/io/tst-bz26353.c b/io/tst-bz26353.c > new file mode 100644 > index 0000000000..2730da4cfb > --- /dev/null > +++ b/io/tst-bz26353.c > @@ -0,0 +1,76 @@ > +/* test ftw bz26353: Check whether stack overflow occurs when the value > + of the nopenfd parameter is too large. > + > + Copyright (C) 2020 Free Software Foundation, Inc. > + This file is part of the GNU C Library. > + > + The GNU C Library is free software; you can redistribute it and/or > + modify it under the terms of the GNU Lesser General Public > + License as published by the Free Software Foundation; either > + version 2.1 of the License, or (at your option) any later version. > + > + The GNU C Library is distributed in the hope that it will be useful, > + but WITHOUT ANY WARRANTY; without even the implied warranty of > + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU > + Lesser General Public License for more details. > + > + You should have received a copy of the GNU Lesser General Public > + License along with the GNU C Library; if not, see > + . */ > + > +#include > +#include > +#include > +#include > +#include > + > +#include > +#include > +#include > + > +static int > +my_func (const char *file, const struct stat *sb, int flag) > +{ > + return 0; > +} > + > +static int > +get_large_nopenfd_by_RLIMIT_STACK (void) > +{ > + struct rlimit r; > + TEST_COMPARE (getrlimit (RLIMIT_STACK, &r), 0); > + if (r.rlim_cur == RLIM_INFINITY) > + { > + r.rlim_cur = 8 * 1024 * 1024; > + TEST_COMPARE (setrlimit (RLIMIT_STACK, &r), 0); > + } > + return (int) r.rlim_cur; > +} > + > +static void > +do_ftw (void *unused) > +{ > + char *tempdir = support_create_temp_directory ("tst-bz26353"); > + int large_nopenfd = get_large_nopenfd_by_RLIMIT_STACK (); > + int ret = ftw (tempdir, my_func, large_nopenfd); > + if (ret != 0) > + { > + printf ("ftw() fail but no stack overflow: nopenfd=%d ret=%d errno=%d\n", > + large_nopenfd, ret, errno); > + } I changed to: TEST_COMPARE (ftw (tempdir, my_func, large_nopenfd), 0); > + free (tempdir); > + exit (ret); > +} > + > +/*Check whether stack overflow occurs*/ > +static int > +do_test (void) > +{ > + struct support_capture_subprocess result; > + result = support_capture_subprocess (do_ftw, NULL); > + support_capture_subprocess_check (&result, "bz26353", 0, sc_allow_none); > + support_capture_subprocess_free (&result); > + return 0; > +} > + > +#include >