[PATCH] filter_seccomp: fix jump offset overflow in binary match generator

Dmitry V. Levin ldv at altlinux.org
Sat Nov 9 23:15:22 UTC 2019


On Sat, Nov 09, 2019 at 09:14:32AM +0100, Paul Chaignon wrote:
> binary_match_filter_generator() is missing a check for jump offset
> overflows which might result in incorrect behavior if the binary match
> strategy is selected and overflows.
> 
> I have only been able to reproduce the bug on mips after forcing strace to
> use the binary match generator.  Due to the large number of syscalls on
> mips, the binary match algorithm is suboptimal and the linear one is
> selected.  This bug could however be triggered inadvertently if tracing a
> very large set of syscalls not grouped together; in that case, the linear
> strategy might have a jump offset overflow itself and strace would
> fallback to the binary match one.
> 
> * filter_seccomp (binary_match_filter_generator): Check for jump offset
> overflows.

Applied, thanks!
Special thanks to mips for being such a mess. :)


-- 
ldv
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 801 bytes
Desc: not available
URL: <http://lists.strace.io/pipermail/strace-devel/attachments/20191110/edb91778/attachment.bin>


More information about the Strace-devel mailing list