strace/io.c

429 lines
9.8 KiB
C
Raw Normal View History

1999-02-19 03:21:36 +03:00
/*
* Copyright (c) 1991, 1992 Paul Kranenburg <pk@cs.few.eur.nl>
* Copyright (c) 1993 Branko Lankester <branko@hacktic.nl>
* Copyright (c) 1993, 1994, 1995, 1996 Rick Sladkey <jrs@world.std.com>
1999-12-23 17:20:14 +03:00
* Copyright (c) 1996-1999 Wichert Akkerman <wichert@cistron.nl>
1999-02-19 03:21:36 +03:00
* All rights reserved.
*
* Redistribution and use in source and binary forms, with or without
* modification, are permitted provided that the following conditions
* are met:
* 1. Redistributions of source code must retain the above copyright
* notice, this list of conditions and the following disclaimer.
* 2. Redistributions in binary form must reproduce the above copyright
* notice, this list of conditions and the following disclaimer in the
* documentation and/or other materials provided with the distribution.
* 3. The name of the author may not be used to endorse or promote products
* derived from this software without specific prior written permission.
*
* THIS SOFTWARE IS PROVIDED BY THE AUTHOR ``AS IS'' AND ANY EXPRESS OR
* IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES
* OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED.
* IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT,
* INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
* DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY
* THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT
* (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
* THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
*/
#include "defs.h"
#include <fcntl.h>
#include <sys/uio.h>
1999-02-19 03:21:36 +03:00
int
sys_read(struct tcb *tcp)
1999-02-19 03:21:36 +03:00
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
1999-02-19 03:21:36 +03:00
} else {
if (syserror(tcp))
tprintf("%#lx", tcp->u_arg[1]);
else
printstr(tcp, tcp->u_arg[1], tcp->u_rval);
tprintf(", %lu", tcp->u_arg[2]);
}
return 0;
}
int
sys_write(struct tcb *tcp)
1999-02-19 03:21:36 +03:00
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
1999-02-19 03:21:36 +03:00
printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
tprintf(", %lu", tcp->u_arg[2]);
}
return 0;
}
/*
* data_size limits the cumulative size of printed data.
* Example: recvmsg returing a short read.
*/
2000-09-02 01:03:06 +04:00
void
tprint_iov_upto(struct tcb *tcp, unsigned long len, unsigned long addr, int decode_iov, unsigned long data_size)
2000-09-02 01:03:06 +04:00
{
#if SUPPORTED_PERSONALITIES > 1
union {
struct { u_int32_t base; u_int32_t len; } iov32;
struct { u_int64_t base; u_int64_t len; } iov64;
} iov;
#define sizeof_iov \
(current_wordsize == 4 ? sizeof(iov.iov32) : sizeof(iov.iov64))
#define iov_iov_base \
(current_wordsize == 4 ? (uint64_t) iov.iov32.base : iov.iov64.base)
#define iov_iov_len \
(current_wordsize == 4 ? (uint64_t) iov.iov32.len : iov.iov64.len)
#else
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
struct iovec iov;
#define sizeof_iov sizeof(iov)
#define iov_iov_base iov.iov_base
#define iov_iov_len iov.iov_len
#endif
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
unsigned long size, cur, end, abbrev_end;
int failed = 0;
2000-09-02 01:03:06 +04:00
if (!len) {
tprints("[]");
2000-09-02 01:03:06 +04:00
return;
}
size = len * sizeof_iov;
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
end = addr + size;
if (!verbose(tcp) || size / sizeof_iov != len || end < addr) {
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
tprintf("%#lx", addr);
2000-09-02 01:03:06 +04:00
return;
}
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
if (abbrev(tcp)) {
abbrev_end = addr + max_strlen * sizeof_iov;
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
if (abbrev_end < addr)
abbrev_end = end;
2000-09-02 01:03:06 +04:00
} else {
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
abbrev_end = end;
}
tprints("[");
for (cur = addr; cur < end; cur += sizeof_iov) {
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
if (cur > addr)
tprints(", ");
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
if (cur >= abbrev_end) {
tprints("...");
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
break;
}
if (umoven(tcp, cur, sizeof_iov, (char *) &iov) < 0) {
tprints("?");
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
failed = 1;
break;
2000-09-02 01:03:06 +04:00
}
tprints("{");
if (decode_iov) {
unsigned long len = iov_iov_len;
if (len > data_size)
len = data_size;
data_size -= len;
printstr(tcp, (long) iov_iov_base, len);
} else
tprintf("%#lx", (long) iov_iov_base);
tprintf(", %lu}", (unsigned long)iov_iov_len);
2000-09-02 01:03:06 +04:00
}
tprints("]");
2005-05-31 Dmitry V. Levin <ldv@altlinux.org> Deal with memory management issues. * defs.h (tprint_iov): Update prototype. * desc.c (sys_epoll_wait) [HAVE_SYS_EPOLL_H]: Do not allocate epoll_event array of arbitrary size on the stack, to avoid stack overflow. * file.c (print_xattr_val): Check for integer overflow during malloc size calculation, to avoid heap corruption. * io.c (tprint_iov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change iovec array handling to avoid heap memory allocation. * mem.c (get_nodes) [LINUX]: Check for integer overflow during size calculation and do not allocate array of arbitrary size on the stack, to avoid stack overflow. * net.c (printcmsghdr) [HAVE_SENDMSG]: Do not allocate array of arbitrary size on the stack, to avoid stack overflow. Do not trust cmsg.cmsg_len to avoid read beyond the end of allocated object. (printmsghdr) [HAVE_SENDMSG]: Update tprint_iov() usage. * process.c (sys_setgroups): Check for integer overflow during malloc size calculation, to avoid heap corruption. Change gid_t array handling to avoid heap memory allocation. (sys_getgroups): Likewise. (sys_setgroups32) [LINUX]: Likewise. (sys_getgroups32) [LINUX]: Likewise. * stream.c (sys_poll) [HAVE_SYS_POLL_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Change pollfd array handling to avoid heap memory allocation. * system.c (sys_sysctl) [LINUX]: Check for integer overflow during malloc size calculation, to avoid heap corruption. * util.c (dumpiov) [HAVE_SYS_UIO_H]: Check for integer overflow during malloc size calculation, to avoid heap corruption. Fixes RH#159196.
2005-06-01 23:22:06 +04:00
if (failed)
tprintf(" %#lx", addr);
#undef sizeof_iov
#undef iov_iov_base
#undef iov_iov_len
2000-09-02 01:03:06 +04:00
}
void
tprint_iov(struct tcb *tcp, unsigned long len, unsigned long addr, int decode_iov)
{
tprint_iov_upto(tcp, len, addr, decode_iov, (unsigned long) -1L);
}
1999-02-19 03:21:36 +03:00
int
sys_readv(struct tcb *tcp)
1999-02-19 03:21:36 +03:00
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
1999-02-19 03:21:36 +03:00
} else {
if (syserror(tcp)) {
tprintf("%#lx, %lu",
tcp->u_arg[1], tcp->u_arg[2]);
return 0;
}
tprint_iov(tcp, tcp->u_arg[2], tcp->u_arg[1], 1);
1999-02-19 03:21:36 +03:00
tprintf(", %lu", tcp->u_arg[2]);
}
return 0;
}
int
sys_writev(struct tcb *tcp)
1999-02-19 03:21:36 +03:00
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
tprint_iov(tcp, tcp->u_arg[2], tcp->u_arg[1], 1);
1999-02-19 03:21:36 +03:00
tprintf(", %lu", tcp->u_arg[2]);
}
return 0;
}
/* The SH4 ABI does allow long longs in odd-numbered registers, but
does not allow them to be split between registers and memory - and
there are only four argument registers for normal functions. As a
result pread takes an extra padding argument before the offset. This
was changed late in the 2.4 series (around 2.4.20). */
#if defined(SH)
#define PREAD_OFFSET_ARG 4
#else
#define PREAD_OFFSET_ARG 3
#endif
1999-02-19 03:21:36 +03:00
int
sys_pread(struct tcb *tcp)
1999-02-19 03:21:36 +03:00
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
1999-02-19 03:21:36 +03:00
} else {
if (syserror(tcp))
tprintf("%#lx", tcp->u_arg[1]);
else
printstr(tcp, tcp->u_arg[1], tcp->u_rval);
tprintf(", %lu, ", tcp->u_arg[2]);
printllval(tcp, "%llu", PREAD_OFFSET_ARG);
1999-02-19 03:21:36 +03:00
}
return 0;
}
int
sys_pwrite(struct tcb *tcp)
1999-02-19 03:21:36 +03:00
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
1999-02-19 03:21:36 +03:00
printstr(tcp, tcp->u_arg[1], tcp->u_arg[2]);
tprintf(", %lu, ", tcp->u_arg[2]);
printllval(tcp, "%llu", PREAD_OFFSET_ARG);
}
return 0;
}
static void
print_llu_from_low_high_val(struct tcb *tcp, int arg)
{
#if SIZEOF_LONG == SIZEOF_LONG_LONG
# if SUPPORTED_PERSONALITIES > 1
if (current_wordsize == sizeof(long))
# endif
tprintf("%lu", (unsigned long) tcp->u_arg[arg]);
# if SUPPORTED_PERSONALITIES > 1
else
tprintf("%lu",
((unsigned long) tcp->u_arg[arg + 1] << current_wordsize * 8)
| (unsigned long) tcp->u_arg[arg]);
# endif
#else
# ifdef X32
if (current_personality == 0)
tprintf("%llu", (unsigned long long) tcp->ext_arg[arg]);
else
# endif
tprintf("%llu",
((unsigned long long) (unsigned long) tcp->u_arg[arg + 1] << sizeof(long) * 8)
| (unsigned long long) (unsigned long) tcp->u_arg[arg]);
#endif
}
int
sys_preadv(struct tcb *tcp)
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
} else {
if (syserror(tcp)) {
tprintf("%#lx, %lu", tcp->u_arg[1], tcp->u_arg[2]);
return 0;
}
tprint_iov(tcp, tcp->u_arg[2], tcp->u_arg[1], 1);
tprintf(", %lu, ", tcp->u_arg[2]);
print_llu_from_low_high_val(tcp, 3);
}
return 0;
}
int
sys_pwritev(struct tcb *tcp)
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
tprint_iov(tcp, tcp->u_arg[2], tcp->u_arg[1], 1);
tprintf(", %lu, ", tcp->u_arg[2]);
print_llu_from_low_high_val(tcp, 3);
}
return 0;
}
static void
print_off_t(struct tcb *tcp, long addr)
{
unsigned long offset;
if (!addr) {
tprints("NULL");
return;
}
#if SUPPORTED_PERSONALITIES > 1 && SIZEOF_LONG > 4
if (current_wordsize == 4) {
uint32_t off;
if (umove(tcp, addr, &off) < 0)
tprintf("%#lx", addr);
else
tprintf("[%u]", off);
} else
#endif
if (umove(tcp, addr, &offset) < 0)
tprintf("%#lx", addr);
else
tprintf("[%lu]", offset);
}
int
sys_sendfile(struct tcb *tcp)
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
printfd(tcp, tcp->u_arg[1]);
tprints(", ");
print_off_t(tcp, tcp->u_arg[2]);
tprintf(", %lu", tcp->u_arg[3]);
1999-02-19 03:21:36 +03:00
}
return 0;
}
void
print_loff_t(struct tcb *tcp, long addr)
{
loff_t offset;
if (!addr)
tprints("NULL");
else if (umove(tcp, addr, &offset) < 0)
tprintf("%#lx", addr);
else
tprintf("[%llu]", (unsigned long long int) offset);
}
int
sys_sendfile64(struct tcb *tcp)
{
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
printfd(tcp, tcp->u_arg[1]);
tprints(", ");
print_loff_t(tcp, tcp->u_arg[2]);
tprintf(", %lu", tcp->u_arg[3]);
}
return 0;
}
#include "xlat/splice_flags.h"
int
sys_tee(struct tcb *tcp)
{
if (entering(tcp)) {
/* int fd_in */
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
/* int fd_out */
printfd(tcp, tcp->u_arg[1]);
tprints(", ");
/* size_t len */
tprintf("%lu, ", tcp->u_arg[2]);
/* unsigned int flags */
printflags(splice_flags, tcp->u_arg[3], "SPLICE_F_???");
}
return 0;
}
int
sys_splice(struct tcb *tcp)
{
if (entering(tcp)) {
/* int fd_in */
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
/* loff_t *off_in */
print_loff_t(tcp, tcp->u_arg[1]);
tprints(", ");
/* int fd_out */
printfd(tcp, tcp->u_arg[2]);
tprints(", ");
/* loff_t *off_out */
print_loff_t(tcp, tcp->u_arg[3]);
tprints(", ");
/* size_t len */
tprintf("%lu, ", tcp->u_arg[4]);
/* unsigned int flags */
printflags(splice_flags, tcp->u_arg[5], "SPLICE_F_???");
}
return 0;
}
int
sys_vmsplice(struct tcb *tcp)
{
if (entering(tcp)) {
/* int fd */
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
/* const struct iovec *iov, unsigned long nr_segs */
tprint_iov(tcp, tcp->u_arg[2], tcp->u_arg[1], 1);
tprintf(", %lu, ", tcp->u_arg[2]);
/* unsigned int flags */
printflags(splice_flags, tcp->u_arg[3], "SPLICE_F_???");
}
return 0;
}
1999-02-19 03:21:36 +03:00
int
sys_ioctl(struct tcb *tcp)
1999-02-19 03:21:36 +03:00
{
const struct_ioctlent *iop;
1999-02-19 03:21:36 +03:00
if (entering(tcp)) {
printfd(tcp, tcp->u_arg[0]);
tprints(", ");
if (!ioctl_decode_command_number(tcp->u_arg[1])) {
iop = ioctl_lookup(tcp->u_arg[1]);
if (iop) {
tprints(iop->symbol);
while ((iop = ioctl_next_match(iop)))
tprintf(" or %s", iop->symbol);
} else {
ioctl_print_code(tcp->u_arg[1]);
}
}
1999-02-19 03:21:36 +03:00
ioctl_decode(tcp, tcp->u_arg[1], tcp->u_arg[2]);
}
else {
int ret = ioctl_decode(tcp, tcp->u_arg[1], tcp->u_arg[2]);
if (!ret)
1999-02-19 03:21:36 +03:00
tprintf(", %#lx", tcp->u_arg[2]);
2002-05-23 15:48:58 +04:00
else
return ret - 1;
1999-02-19 03:21:36 +03:00
}
return 0;
}