From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <systemtap-return-12578-listarch-systemtap=sources.redhat.com@sourceware.org>
Received: (qmail 20955 invoked by alias); 10 Jun 2009 15:17:54 -0000
Received: (qmail 20908 invoked by uid 48); 10 Jun 2009 15:17:41 -0000
Date: Wed, 10 Jun 2009 15:17:00 -0000
From: "fche at redhat dot com" <sourceware-bugzilla@sourceware.org>
To: systemtap@sources.redhat.com
Message-ID: <20090610151741.10258.fche@redhat.com>
Reply-To: sourceware-bugzilla@sourceware.org
Subject: [Bug translator/10258] New: procfs probes should not put strings on kernel stack
X-Bugzilla-Reason: AssignedTo
Mailing-List: contact systemtap-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <systemtap.sourceware.org>
List-Subscribe: <mailto:systemtap-subscribe@sourceware.org>
List-Post: <mailto:systemtap@sourceware.org>
List-Help: <mailto:systemtap-help@sourceware.org>, <http://sourceware.org/lists.html#faqs>
Sender: systemtap-owner@sourceware.org
X-SW-Source: 2009-q2/txt/msg00822.txt.bz2

The implementation of _st_procfs_{read,write} use a string_t
temporary on the ordinary stack (strdata).  It must not do
that, since MAXSTRINGLEN could be large enough to overflow the
kernel stack, which may or may not be suspected/detected at compile
time.

Rather, such stuff needs to go into the context directly.

stap -DMAXSTRINGLEN=16384 -e ' { probe procfs("foo").write { log($value) }'

-- 
           Summary: procfs probes should not put strings on kernel stack
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: translator
        AssignedTo: systemtap at sources dot redhat dot com
        ReportedBy: fche at redhat dot com


http://sourceware.org/bugzilla/show_bug.cgi?id=10258

------- You are receiving this mail because: -------
You are the assignee for the bug, or are watching the assignee.