strace seg with select and -ve nfds
Dr. David Alan Gilbert
dave at treblig.org
Wed Nov 6 00:09:33 UTC 2013
* Dmitry V. Levin (ldv at altlinux.org) wrote:
> On Tue, Nov 05, 2013 at 04:19:31PM +0100, Denys Vlasenko wrote:
> > On 11/05/2013 01:33 PM, Dr. David Alan Gilbert wrote:
> > > * Denys Vlasenko (dvlasenk at redhat.com) wrote:
> > >> I propose to do simply this:
> > >>
> > >> + nfds = fdsize;
> > >> fdsize = (((fdsize + 7) / 8) + sizeof(long)-1) & -sizeof(long);
> > >> + /* We had bugs a-la "while (j < args)" and "umoven(args)" below.
> > >> + * Instead of args, use nfds for fd count, fdsize for array lengths.
> > >> + */
> > >>
> > >> and use nfds in those two places where we incorrectly use arg now.
> > >
> > >>> Thoughts?
> > >>
> > >> I applied a slightly simplified version of your fix to strace git, please try it.
> > >
> > > That still fails (this is FORTIFY detecting the fail).
> > Please elaborate. You get a warning about access to fd_set->[__]fds_bits
> > array past its declared bounds? How it looks? Does strace abort or what?
> sizeof(fd_set) is part of libc ABI, so glibc in _FORTIFY_SOURCE mode
> aborts the process using __chk_fail() when descriptor is larger than
> allowed value (FD_SETSIZE at the time of compiling glibc).
> > There can be legitimate programs which use select() in excess of glibc-imposed
> > artificial limit on bit array sizes.
> Yes, the syscall itself imposes no such limitations.
> Such programs are more expected to use poll() instead of select(), though.
> > > (I guess you could argue that's a false positive from fortify, but there
> > > again I think it is an illegal use of FD_ISSET).
> > Do you see a reasonably portable way to check FD_ISSET?
> Looks like all FD_ISSET implementations just test the n-th bit in the
> array of long ints. I've pushed a commit with yet another FD_ISSET
> implementation that hopefully does the same.
That looks like it's done the trick - and I prefer the way your set
now just reads and casts argv once.
-----Open up your eyes, open up your mind, open up your code -------
/ Dr. David Alan Gilbert | Running GNU/Linux | Happy \
\ gro.gilbert @ treblig.org | | In Hex /
\ _________________________|_____ http://www.treblig.org |_______/
More information about the Strace-devel