[Bug 232206] [truss] update strsize parameter handling
bugzilla-noreply at freebsd.org
Mon Nov 26 19:07:17 UTC 2018
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=232206
--- Comment #4 from David Carlier <devnexen at gmail.com> ---
The bug is mainly about fixing a possible overflow when using the string size
parameter, basically by giving a value over the maximum integer value.
It is easily reproducible by "trussing" the syslog process with this sort of
value (I just print out the value on purpose):
truss -s 27836487264287642746284662746874678412834 ...
makes the process abort
/usr/obj/usr/src/amd64.amd64/usr.bin/truss/truss -s
23894723984789237473278482974382479238794728379843828794 -p 1509
STRSIZE -1
select(10,{ 3 5 8 9 },0x0,0x0,0x0) = 1 (0x1)
Bus error (core dumped)
whereas with a more "reasonable" value it works as always
/usr/obj/usr/src/amd64.amd64/usr.bin/truss/truss -s 80 -p 1553
STRSIZE 80
select(10,{ 3 5 8 9 },0x0,0x0,0x0) = 1 (0x1)
read(5,"Firmware Error (ACPI): Could not resolve [\\_SB.PCI0.LPCB.HEC.ECRD],
AE_NOT_FOUN"...,2047) = 394 (0x18a)
writev(14,[{"Nov 26 19:06:24",15},{" ",1},{"freeflame",9},{"
",1},{"kernel",6},{": ",2},{"Firmware Error (ACPI): Could not resolve
[\\_SB.PCI0.LPCB.HEC.ECRD], AE_NOT_FOUN"...,102},{"\n",1}],8) = 137 (0x89)
writev(14,[{"Nov 26 19:06:24",15},{" ",1},{"freeflame",9},{"
",1},{"kernel",6},{": ",2},{"ACPI Error: Method parse/execution failed
\\_TZ.TZ00._TMP, AE_NOT_FOUND (2018103"...,93},{"\n",1}],8) = 128 (0x80)
writev(14,[{"Nov 26 19:06:24",15},{" ",1},{"freeflame",9},{"
",1},{"kernel",6},{": ",2},{"Firmware Error (ACPI): Could not resolve
[\\_SB.PCI0.LPCB.HEC.ECRD], AE_NOT_FOUN"...,102},{"\n",1}],8) = 137 (0x89)
writev(14,[{"Nov 26 19:06:24",15},{" ",1},{"freeflame",9},{"
",1},{"kernel",6},{": ",2},{"ACPI Error: Method parse/execution failed
\\_TZ.TZ01._TMP, AE_NOT_FOUND (2018103"...,93},{"\n",1}],8) = 128 (0x80)
read(5,0x7fffffffde50,2047) ERR#35 'Resource temporarily
unavailable'
select(10,{ 3 5 8 9 },0x0,0x0,{ 0.000000 }) = 0 (0x0)
fsync(0xe) = 0 (0x0)
select(10,{ 3 5 8 9 },0x0,0x0,0x0) = 1 (0x1)
...
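An added example, not truss's source and not the patch attached to this bug: it contrasts an unchecked string-to-int conversion with a range-checked one for a size option like `-s`. The function names `naive_strsize` and `parse_strsize` are hypothetical; on a platform with 64-bit `long`, the unchecked path yields the same -1 shown in the "STRSIZE -1" output above.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <stdlib.h>

/* Constructed sample input: the oversized value from the report above. */
static const char *HUGE_ARG =
    "23894723984789237473278482974382479238794728379843828794";

/* Unchecked conversion (assumed pattern, hypothetical helper): strtol
 * saturates at LONG_MAX and the narrowing cast keeps only the low bits. */
static int naive_strsize(const char *arg)
{
    return (int)strtol(arg, NULL, 10);
}

/* Checked conversion (hypothetical helper): returns 0 and stores the
 * value in *out, or returns -1 if the argument must be rejected. */
static int parse_strsize(const char *arg, int *out)
{
    char *end;
    long v;

    errno = 0;
    v = strtol(arg, &end, 10);
    if (end == arg || *end != '\0')              /* empty or trailing junk */
        return -1;
    if (errno == ERANGE || v < 0 || v > INT_MAX) /* overflow or out of range */
        return -1;
    *out = (int)v;
    return 0;
}

int main(void)
{
    const char *args[] = { "80", HUGE_ARG, "-1", "80x", "" };

    for (size_t i = 0; i < sizeof(args) / sizeof(args[0]); i++) {
        int n = 0;
        if (parse_strsize(args[i], &n) == 0)
            printf("accepted %d (unchecked: %d)\n", n, naive_strsize(args[i]));
        else
            printf("rejected \"%.20s\" (unchecked: %d)\n", args[i],
                naive_strsize(args[i]));
    }
    return 0;
}
```

On FreeBSD, strtonum(3) performs the same bounds and syntax checks in a single call.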