semop()/semtimedop() sembuf argument printing in strace
Dmitry V. Levin
ldv at altlinux.org
Wed Oct 7 23:07:33 UTC 2009
Hi,
On Wed, Oct 07, 2009 at 10:25:10PM +0200, Jakub Bogusz wrote:
[...]
> OK, updated patch attached.
There are two issues remaining which should be addressed.
First, redundancy should be avoided.
Your patch introduces 4 very similar copies of the sembuf parser.
Second, user input should not be trusted at all.
Please try your patch with the following example:
$ cat semop.c
#include <sys/sem.h>
int main(void) {
	/* bogus sembuf pointer (address of main) and a huge nsops */
	return semop(-1, (struct sembuf *) main, 0x1000000) < 0;
}
I pushed a fix on top of your patch to
http://strace.git.sourceforge.net/git/gitweb.cgi?p=strace/strace;a=shortlog;h=ldv/sembuf
Please test.
> BTW, there are unchecked umoves in already existing sys_msgsnd() and
> sys_msgrcv()...
Yes, it should be fixed, too.
--
ldv
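
The point about untrusted input, as an added example that is not part of the original message and is not strace's code: a decoder that treats both the sembuf pointer and nsops as hostile, capping how many elements it decodes and checking every read. fake_umove, MAX_PRINT, TRACEE_BASE and the sample array are constructed for illustration, and the output format is simplified.

```c
#include <stdio.h>
#include <string.h>
#include <sys/sem.h>

/* Constructed stand-in for tracee memory: one readable region at TRACEE_BASE. */
#define TRACEE_BASE 0x1000UL
#define MAX_PRINT   2   /* assumed cap on decoded elements, whatever nsops says */
static const struct sembuf tracee_mem[3] = {
    { .sem_num = 0, .sem_op = -1, .sem_flg = 0 },
    { .sem_num = 1, .sem_op = 1,  .sem_flg = 0x800 },
    { .sem_num = 2, .sem_op = 0,  .sem_flg = 0x1000 },
};

/* Hypothetical checked read: 0 on success, -1 if the range is not readable. */
static int fake_umove(unsigned long addr, void *dst, size_t len)
{
    unsigned long end = TRACEE_BASE + sizeof(tracee_mem);
    if (addr < TRACEE_BASE || addr > end || len > end - addr)
        return -1;
    memcpy(dst, (const char *)tracee_mem + (addr - TRACEE_BASE), len);
    return 0;
}

/* Decode the tracee's sembuf array; both addr and nsops are untrusted. */
static const char *format_sembuf_array(unsigned long addr, unsigned long nsops)
{
    static char buf[256];   /* ample: at most MAX_PRINT short elements */
    struct sembuf sb;
    size_t n = 0; unsigned long i;
    n += snprintf(buf + n, sizeof(buf) - n, "[");
    for (i = 0; i < nsops; i++, addr += sizeof(sb)) {
        const char *sep = i ? ", " : "";
        if (i >= MAX_PRINT) {               /* stop early on a huge count */
            n += snprintf(buf + n, sizeof(buf) - n, "%s...", sep);
            break;
        }
        if (fake_umove(addr, &sb, sizeof(sb)) < 0) {  /* bad pointer: print it raw */
            n += snprintf(buf + n, sizeof(buf) - n, "%s%#lx", sep, addr);
            break;
        }
        n += snprintf(buf + n, sizeof(buf) - n, "%s{%u, %d, %#x}", sep,
                      (unsigned)sb.sem_num, (int)sb.sem_op, (unsigned)(unsigned short)sb.sem_flg);
    }
    snprintf(buf + n, sizeof(buf) - n, "]");
    return buf;
}

int main(void) { puts(format_sembuf_array(0xdead0000UL, 0x1000000UL)); return 0; }
```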