From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from bird.elm.relay.mailchannels.net (bird.elm.relay.mailchannels.net [23.83.212.17]) by sourceware.org (Postfix) with ESMTPS id 9B2733858D37 for ; Mon, 20 Nov 2023 21:49:00 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 9B2733858D37 Authentication-Results: sourceware.org; dmarc=fail (p=none dis=none) header.from=sourceware.org Authentication-Results: sourceware.org; spf=fail smtp.mailfrom=sourceware.org ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 9B2733858D37 Authentication-Results: server2.sourceware.org; arc=pass smtp.remote-ip=23.83.212.17 ARC-Seal: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700516942; cv=pass; b=Lp4jci+EQc+0zgrIVl9yDOa3Y63S3LEUjCQ+rgxb7vsxOCsBW6wftPCH4gRWomqEnCO8Pe7nXjcW7Lq8LtYtLayAsxbrBYGbDWn1pt4Y9I4xwEVx+GNbtc7/2uUturrQX6Oc8sIgLXxQdalOOrAB6FsWJF3SlWP2u+uUhH3NPhM= ARC-Message-Signature: i=2; a=rsa-sha256; d=sourceware.org; s=key; t=1700516942; c=relaxed/simple; bh=QtOlsBcgaVIsGA3AgNbwmaPD9vhPEvY9ArqlDSu2hMg=; h=Message-ID:Date:MIME-Version:Subject:To:From; b=wnDrLxga3sp0Jc8UnrRuA/Ypqf8qtYOM+2esHEe0wGUIyOfeD1JZbeOwNF5C1NrHEaaGXhb1TaYtg7/KIG0fScvEfJVl3iLRQ4QN38OjQH/YHanrSdHbm8Hpvfox5odpU87XzelsKQ1FvlfakzCNc8pzf6gH8OI15uJ0m1BjbeM= ARC-Authentication-Results: i=2; server2.sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org Received: from relay.mailchannels.net (localhost [127.0.0.1]) by relay.mailchannels.net (Postfix) with ESMTP id 8031DC181A; Mon, 20 Nov 2023 21:48:59 +0000 (UTC) Received: from pdx1-sub0-mail-a272.dreamhost.com (unknown [127.0.0.6]) (Authenticated sender: dreamhost) by relay.mailchannels.net (Postfix) with ESMTPA id EAE6CC1833; Mon, 20 Nov 2023 21:48:58 +0000 (UTC) ARC-Seal: i=1; s=arc-2022; d=mailchannels.net; t=1700516938; a=rsa-sha256; cv=none; b=cyEnI7JwAp5Dp3e3XjWvY/bbQZXyIOjTchdgLQQPW6tq2ZIcVpO8xe+tDkRsh0IBqq1Hjn IJKn4g/kgL/qCP/BTZZaIaRX2jppkLIeIcIRw/W1f2E/Qie23TE9O3JitVcK/FTv5fZ2fc zka7sw3TD6CEsea94zPOcEyuB4p0GJmygUXEredr9aYXKNY4zXDGpkY/iak2YiM4b8RDrC WpC+CDiPbbiifPF426fdhvZI0Qpgsh1KxneQSC1yUjMTtxhaup9GLr34LPVd3SlEifUDD9 bZFShKujikI9k87fAA+Em5hbbC4W8motBRv/h1b6+eDwqTZB3BU752Ndelt0VQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=mailchannels.net; s=arc-2022; t=1700516938; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=h/QEsf2k17AARJUwp1BQuqn8z8IERcWN/41BHx+fnU8=; b=4ndInb7kbk+DGqDr86pwSTj9vZOmvCz/iYfD9UVoZ9VXQ/PHpLmrVknmHeaUrwq/UkHB4+ HdddmrRzBx1L91/nxJ+4Y3c/38/eEHM8vzqJZVzT8UW57rRhH9I8hBkZu0ZTGFI5ioY8bb EAUZk/hSH29Oz1v3nWrdKqnXgqFz3Mzluq6gvJmW3dVnvk/yYREF5aEzvj9Q2TL8CnkM68 WBFbmzwnp+Lhm2vhDHQ7+qaGzX6NzuB8kgk/6y4zd36SwvhcyKYhAk5YJ/Ph5t+AYloDFw 2MCtorOSD+rxFTOCeVaPUNEQsi4gOcPYbS+iEeBrDX4uUSiB/WFUQGq88T6SCw== ARC-Authentication-Results: i=1; rspamd-7f8878586f-44gm6; auth=pass smtp.auth=dreamhost smtp.mailfrom=siddhesh@sourceware.org X-Sender-Id: dreamhost|x-authsender|siddhesh@gotplt.org X-MC-Relay: Neutral X-MailChannels-SenderId: dreamhost|x-authsender|siddhesh@gotplt.org X-MailChannels-Auth-Id: dreamhost X-Gusty-Cooperative: 3673d811749aa51d_1700516939089_3433807727 X-MC-Loop-Signature: 1700516939089:3889200867 X-MC-Ingress-Time: 1700516939089 Received: from pdx1-sub0-mail-a272.dreamhost.com (pop.dreamhost.com [64.90.62.162]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384) by 100.112.201.10 (trex/6.9.2); Mon, 20 Nov 2023 21:48:59 +0000 Received: from [192.168.2.12] (bras-vprn-toroon4834w-lp130-02-142-113-138-136.dsl.bell.ca [142.113.138.136]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) (Authenticated sender: siddhesh@gotplt.org) by pdx1-sub0-mail-a272.dreamhost.com (Postfix) with ESMTPSA id 4SZ1Np4dp9zHv; Mon, 20 Nov 2023 13:48:58 -0800 (PST) Message-ID: Date: Mon, 20 Nov 2023 16:48:56 -0500 MIME-Version: 1.0 User-Agent: Mozilla Thunderbird Subject: Re: [PATCH v3 06/19] elf: Do not parse ill-formatted strings To: Adhemerval Zanella , libc-alpha@sourceware.org References: <20231106202552.3404059-1-adhemerval.zanella@linaro.org> <20231106202552.3404059-7-adhemerval.zanella@linaro.org> Content-Language: en-US From: Siddhesh Poyarekar In-Reply-To: <20231106202552.3404059-7-adhemerval.zanella@linaro.org> Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1172.1 required=5.0 tests=BAYES_00,GIT_PATCH_0,KAM_DMARC_NONE,KAM_DMARC_STATUS,RCVD_IN_DNSWL_NONE,RCVD_IN_MSPIKE_H4,RCVD_IN_MSPIKE_WL,SPF_HELO_NONE,SPF_SOFTFAIL,TXREP,T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org List-Id: On 2023-11-06 15:25, Adhemerval Zanella wrote: > Instead of ignoring ill-formatted tunable strings, first, check all the > tunable definitions are correct and then set each tunable value. It > means that partially invalid strings, like "key1=value1:key2=key2=value' > or 'key1=value':key2=value2=value2' do not enable 'key1=value1'. It > avoids possible user-defined errors in tunable definitions. > > Checked on x86_64-linux-gnu. > --- Only tiny language nits below, LGTM otherwise. Reviewed-by: Siddhesh Poyarekar > elf/dl-tunables.c | 48 ++++++++++++++++++++++++++++++++++------------ > elf/tst-tunables.c | 13 +++++++++---- > 2 files changed, 45 insertions(+), 16 deletions(-) > > diff --git a/elf/dl-tunables.c b/elf/dl-tunables.c > index 082a76d9c4..e1198869d6 100644 > --- a/elf/dl-tunables.c > +++ b/elf/dl-tunables.c > @@ -154,17 +154,29 @@ __tunable_set_val (tunable_id_t id, tunable_val_t *valp, tunable_num_t *minp, > do_tunable_update_val (cur, valp, minp, maxp); > } > > -/* Parse the tunable string VALSTRING. VALSTRING is a duplicated value, > - where delimiters ':' are replaced with '\0', so string tunables are null > - terminated. */ > -static void > -parse_tunables (char *valstring) > +struct tunable_toset_t > +{ > + tunable_t *t; > + const char *value; > +}; > + > +enum { tunables_list_size = array_length (tunable_list) }; > + > +/* Parse the tunable string VALSTRING and set TUNABLES with the found tunables > + and their respectibles values. VALSTRING is a duplicated values, where s/respectibles/respective/ s/duplicated values/duplicated string/ > + delimiters ':' are replaced with '\0', so string tunables are null > + terminated. > + Return the number of tunables found (including 0 if the string is empty) > + or -1 if for a ill-formatted definition. */ s/a ill-formatted/an ill-formatted/ > +static int > +parse_tunables_string (char *valstring, struct tunable_toset_t *tunables) > { > if (valstring == NULL || *valstring == '\0') > - return; > + return 0; > > char *p = valstring; > bool done = false; > + int ntunables = 0; > > while (!done) > { > @@ -177,7 +189,7 @@ parse_tunables (char *valstring) > /* If we reach the end of the string before getting a valid name-value > pair, bail out. */ > if (*p == '\0') > - break; > + return -1; > > /* We did not find a valid name-value pair before encountering the > colon. */ > @@ -190,30 +202,42 @@ parse_tunables (char *valstring) > /* Skip the '='. */ > p++; > > - const char *value = p; > + char *value = p; > > while (*p != '=' && *p != ':' && *p != '\0') > p++; > > if (*p == '=') > - break; > + return -1; > else if (*p == '\0') > done = true; > else > *p++ = '\0'; > > /* Add the tunable if it exists. */ > - for (size_t i = 0; i < sizeof (tunable_list) / sizeof (tunable_t); i++) > + for (size_t i = 0; i < tunables_list_size; i++) > { > tunable_t *cur = &tunable_list[i]; > > if (tunable_is_name (cur->name, name)) > { > - tunable_initialize (cur, value); > + tunables[ntunables++] = (struct tunable_toset_t) { cur, value }; > break; > } > } > } > + > + return ntunables; > +} > + > +static void > +parse_tunables (char *valstring) > +{ > + struct tunable_toset_t tunables[tunables_list_size]; > + int ntunables = parse_tunables_string (valstring, tunables); > + > + for (int i = 0; i < ntunables; i++) > + tunable_initialize (tunables[i].t, tunables[i].value); > } > > /* Initialize the tunables list from the environment. For now we only use the > @@ -240,7 +264,7 @@ __tunables_init (char **envp) > continue; > } > > - for (int i = 0; i < sizeof (tunable_list) / sizeof (tunable_t); i++) > + for (int i = 0; i < tunables_list_size; i++) > { > tunable_t *cur = &tunable_list[i]; > > diff --git a/elf/tst-tunables.c b/elf/tst-tunables.c > index 7fe9907e05..e1ad44f27c 100644 > --- a/elf/tst-tunables.c > +++ b/elf/tst-tunables.c > @@ -161,7 +161,7 @@ static const struct test_t > 0, > 0, > }, > - /* If there is a ill-formatted key=value, everything after is also ignored. */ > + /* Ill-formatted tunables string is not parsed. */ > { > "glibc.malloc.mmap_threshold=glibc.malloc.mmap_threshold=4096:glibc.malloc.check=2", > 0, > @@ -186,13 +186,18 @@ static const struct test_t > 0, > 0, > }, > - /* Valid tunables set before ill-formatted ones are set. */ > { > "glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096=4096", > - 2, > 0, > 0, > - } > + 0, > + }, > + { > + "glibc.malloc.check=2:glibc.malloc.mmap_threshold=4096=4096", > + 0, > + 0, > + 0, > + }, > }; > > static int