Pathnames followed by "..." when printed using printpathn

Zubin Mithra zubin.mithra at gmail.com
Tue May 27 08:05:46 UTC 2014


Hey Philippe,

On Tue, May 27, 2014 at 12:07 PM, Philippe Ombredanne
<pombredanne at nexb.com> wrote:
> On Tue, May 27, 2014 at 5:53 AM, Zubin Mithra <zubin.mithra at gmail.com> wrote:
>> Hello everyone,
>>
>> Currently I'm working on a means by which I can convert relative paths to
>> absolute when displayed as system call arguments. Some sample output can be
>> seen here[1]. Please note that the arguments passed to "execve" and "open"
>> are absolute paths.
>
> This looks good. I see you are building some tests... Will you commit these too?

Sure thing, I'll do that.

>
>> (The current implementation is just a PoC and I haven't committed anything
>> yet, I'll post a link to the commit as soon as I push it in.)
>
> This is your own repo, you can commit often!
>
>> `printpathn` takes in an argument `n` which is the maximum number of
>> characters that should be displayed in the path(followed by "...").
>>
>> Should this scheme be followed when displaying absolute paths too?
>>
>> Perhaps we could use the "..." scheme when "-yy" is used and the full path
>> whenever "-yyy" is used? Does that make sense/sound good?
>
> I cannot fathom any use case where I would want an absolute truncated
> and partially printed.
> So my take would be to not both with a -yyy option, not use printpathn
> and _always_ print full paths, never truncate a path with ... and to
> use printpath which is the function that makes sense to me.
>
> Looking at printpathn, I am even wondering what is the real purpose
> and use of this function? ;)

`printpath` is a wrapper around `printpathn` that sets the n value to
MAXPATHLEN. Having this function is useful because the number of path
characters that need to be read in from the tracee's process space
might not always be MAXPATHLEN.

There seem to be quite a few functions that call `printpathn`
directly. For instance:- sys_getcwd calls it with an n value set to
`tcp->u_rval - 1`. , i.e. system calls where the return value is the
length of a array the function has written out data into.


> This is worth for you to look into this:
> - Why would we need or want such a truncation?

Yes, I had a quick look into that and tested something out. In a case
where we try to open a file with > 4096 characters, sys_open would
fail with ENAMETOOLONG; however, strace would print 4096 characters
followed by "..."

> - Is it even used to print actual real paths?

Yes, printpathn is called in two ways.
Functions like sys_open, sys_openat call it via `printpath` and
functions like sys_getcwd call `printpathn` directly.

> - Could this be bug to have this function being used to print anything
> but a full path?

This function does the following :-
- Read the path from the tracee address space
- Call string_quote that does format conversion stuff and quotes the string
- Print out the path
- Print out "..." if necessary.

Invalid(abnormally long) paths could be present in the case of
absolute paths too and the "..." beyond 4096 characters looks like a
neat way to handle that case(eg: when used with malicious/buggy
binaries).

So yes, indeed, there does not seem to be a need for a "-yyy" option.
Whenever a path exceeds `n` in `printpathn`, it could be truncated.


Thanks,
-- zm




More information about the Strace-devel mailing list