Bug #781

Racy string input from userspace can yield unreadable traces

Added by Mathieu Desnoyers about 6 years ago. Updated about 6 years ago.

Status: Resolved
Priority: High
Start date: 04/14/2014
% Done: 100%

Description

The attached program yields unreadable traces when tracing system calls.

We need to fix this by ensuring that we allow input strings to change underneath between the length computation and copy into the buffers. It needs to be done with padding rather than zeroing any extra space, because otherwise Babeltrace will expect the following field right after the first null terminating character.

Babeltrace error example:

[error] Event id 26212 is outside range.
[error] Reading event failed.
Error printing trace.


Files

race-chown-name.c (1.44 KB) Mathieu Desnoyers, 04/14/2014 03:14 PM
fix-modules-strcpy.patch (18.4 KB) Mathieu Desnoyers, 04/14/2014 03:20 PM
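The measure-then-copy race from the description, replayed deterministically as an added example; it is not part of the original report and is not the code from the attached files. `fill_string_field`, `replay_race`, the `'_'` pad byte and the sample paths are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not LTTng's API: fill a string field of exactly `len`
 * bytes (terminator included), sized from an earlier strlen() of `src`,
 * while `src` may have changed since. */
static void fill_string_field(char *dst, const volatile char *src,
                              size_t len, char pad)
{
    size_t i = 0;

    if (len == 0)
        return;
    while (i < len - 1) {           /* never exceed the reserved size */
        char c = src[i];            /* read each source byte once */
        if (c == '\0')
            break;                  /* src shrank after being measured */
        dst[i++] = c;
    }
    memset(dst + i, pad, len - 1 - i);  /* fill the gap with `pad` */
    dst[len - 1] = '\0';                /* terminator at the reserved end */
}

/* Replay the race deterministically: measure, let the string change, copy.
 * Returns the bytes a reader of NUL-terminated fields consumes; the writer
 * reserved `*reserved`. They must match for the next field to be found. */
static size_t replay_race(const char *before, const char *after,
                          char pad, size_t *reserved)
{
    char src[64], field[64];

    strcpy(src, before);            /* constructed sample input */
    *reserved = strlen(src) + 1;    /* step 1: length computation */
    strcpy(src, after);             /* concurrent rewrite by another thread */
    fill_string_field(field, src, *reserved, pad);   /* step 2: copy */
    return strlen(field) + 1;
}

int main(void)
{
    size_t res, got;

    got = replay_race("/tmp/a-long-name", "/x", '_', &res);
    printf("pad '_': reserved %zu, reader consumes %zu\n", res, got);
    got = replay_race("/tmp/a-long-name", "/x", '\0', &res);
    printf("zeroed : reserved %zu, reader consumes %zu\n", res, got);
    return 0;
}
```

With a non-NUL pad the reader consumes exactly the reserved size; with zero fill it stops at the first NUL and starts parsing the next field from the middle of this one.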