leaking_addresses: add timeout on file read
Currently script can stall if we read certain files (like /proc/kmsg). While we have a mechanism to skip these files once they are discovered it would be nice to not stall on as yet undiscovered files of this kind. Set a timer before each file is parsed, warn user if timer expires. Suggested-by: Kees Cook <keescook@chromium.org> Signed-off-by: Tobin C. Harding <me@tobin.cc>
This commit is contained in:
parent
62139c1242
commit
dd98c252ae
@ -29,6 +29,9 @@ my $V = '0.01';
|
||||
# Directories to scan.
|
||||
my @DIRS = ('/proc', '/sys');
|
||||
|
||||
# Timer for parsing each file, in seconds.
|
||||
my $TIMEOUT = 10;
|
||||
|
||||
# Script can only grep for kernel addresses on the following architectures. If
|
||||
# your architecture is not listed here and has a grep'able kernel address please
|
||||
# consider submitting a patch.
|
||||
@ -284,6 +287,23 @@ sub skip_parse
|
||||
return skip($path, \@skip_parse_files_abs, \@skip_parse_files_any);
|
||||
}
|
||||
|
||||
sub timed_parse_file
|
||||
{
|
||||
my ($file) = @_;
|
||||
|
||||
eval {
|
||||
local $SIG{ALRM} = sub { die "alarm\n" }; # NB: \n required.
|
||||
alarm $TIMEOUT;
|
||||
parse_file($file);
|
||||
alarm 0;
|
||||
};
|
||||
|
||||
if ($@) {
|
||||
die unless $@ eq "alarm\n"; # Propagate unexpected errors.
|
||||
printf STDERR "timed out parsing: %s\n", $file;
|
||||
}
|
||||
}
|
||||
|
||||
sub parse_file
|
||||
{
|
||||
my ($file) = @_;
|
||||
@ -335,7 +355,7 @@ sub walk
|
||||
if (-d $path) {
|
||||
push @dirs, $path;
|
||||
} else {
|
||||
parse_file($path);
|
||||
timed_parse_file($path);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user