From patchwork Mon Sep 9 10:41:28 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 1982497 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=acT0Sd6/; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=2620:52:3:1:0:246e:9693:128c; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [IPv6:2620:52:3:1:0:246e:9693:128c]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4X2Ngj4FJwz1y1D for ; Mon, 9 Sep 2024 20:42:09 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id BE86D385E027 for ; Mon, 9 Sep 2024 10:42:06 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTP id 1184F3858C53 for ; Mon, 9 Sep 2024 10:41:50 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 1184F3858C53 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 1184F3858C53 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1725878511; cv=none; b=JqS2GZBfPyFJS720iqh9knWiTkFIki/JjEuA+1MQA2VogdzvP8kKhpjv7gh2EYtfsuKD4wkcflYwimO8XWm2wJjCV4QuZhLH5GhDEMciikxG6JEreHpkg9p/xMOo/1L13/Y9lVpRP2BBxey7nTrmj1ZO98cV2axypUQKx1+62WE= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1725878511; c=relaxed/simple; bh=A7Om7QeAha9gjFQsT78Idj/GVwDbEqnVNb1GEdK/MiA=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=T1yZJ8iS+2iwDaexS9TXnl5fO+kmoJUrUWO9QOV16c/lIkrZF1AzlxAPqI0Fidmn19BQeDmeUekQDSnPZJBwVtfE52KOSYy+w+NxDoMKOTJouA10EwYUGZeY1Zi9J5RGeT/hIRiA21rRoc1UrolKCpYubWp+1IKxlCSTwWYDB78= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725878509; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=09ZHGgSDbX7laFYdDSp2srqvf3G6dp0skpU+AuiLWSo=; b=acT0Sd6/vT6gk+dWm2p4T0KxK+Ffp+TeDdKcspLH3nW4DDDhNQ3eXrNpHuknOV9mmkUjFP JhaYKZFMB3rHh6blbXY1IXlfc1WSAuGrCnOfNWVL8kOmriz7PjUyQFjYJ8BXmee6E2eJ3N dWP4o8Fx4EiHQX+T7gJXff3RdI45qts= Received: from mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-626-pNvz4wWlNougWEuAIeDghA-1; Mon, 09 Sep 2024 06:41:48 -0400 X-MC-Unique: pNvz4wWlNougWEuAIeDghA-1 Received: from mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.12]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id EC5AF19772C1 for ; Mon, 9 Sep 2024 10:41:43 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.2.16.4]) by mx-prod-int-03.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 983251955F69 for ; Mon, 9 Sep 2024 10:41:31 +0000 (UTC) From: Florian Weimer To: libc-alpha@sourceware.org Subject: [PATCH] debug: Fix read error handling in pcprofiledump Date: Mon, 09 Sep 2024 12:41:28 +0200 Message-ID: <87v7z5nm7b.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.0 on 10.30.177.12 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-10.8 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org The reading loops did not check for read failures. Addresses a static analysis report. Manually tested by compiling a program with the GCC's -finstrument-functions option, running it with “LD_PRELOAD=debug/libpcprofile.so PCPROFILE_OUTPUT=output-file”, and reviewing the output of “debug/pcprofiledump output-file”. --- debug/pcprofiledump.c | 77 +++++++++++++++++++++++++++------------------------ 1 file changed, 41 insertions(+), 36 deletions(-) base-commit: 43669fcf7315f494bbbc2c040cedeb0fa8416a5f diff --git a/debug/pcprofiledump.c b/debug/pcprofiledump.c index 049a9c2744..e4e5d2855a 100644 --- a/debug/pcprofiledump.c +++ b/debug/pcprofiledump.c @@ -75,6 +75,36 @@ static struct argp argp = options, parse_opt, args_doc, doc, NULL, more_help }; +/* Try to read SIZE bytes from FD and store them on BUF. Terminate + the processes with ERROR_MESSAGE upon read error. Also terminate + the process if less than SIZE bytes are remaining in the file and + !MAYBE_EOF. If MAYBE_EOF, do not terminate the process if the end + of the file is encountered immediately. + + Returns true if SIZE bytes have been read, and false if no bytes + have been read due to an end-of-file condition. */ +static bool +read_exactly (int fd, void *buffer, size_t size, const char *error_message, + bool maybe_eof) +{ + char *p = buffer; + char *end = p + size; + while (p < end) + { + ssize_t ret = TEMP_FAILURE_RETRY (read (fd, p, end - p)); + if (ret < 0) + error (EXIT_FAILURE, errno, error_message); + if (ret == 0) + { + if (p == buffer && maybe_eof) + /* Nothing has been read. */ + return false; + error (EXIT_FAILURE, 0, _("unexpected end of file")); + } + p += ret; + } + return true; +} int main (int argc, char *argv[]) @@ -110,8 +140,7 @@ main (int argc, char *argv[]) /* Read the first 4-byte word. It contains the information about the word size and the endianness. */ uint32_t word; - if (TEMP_FAILURE_RETRY (read (fd, &word, 4)) != 4) - error (EXIT_FAILURE, errno, _("cannot read header")); + read_exactly (fd, &word, sizeof (word), _("cannot read header"), false); /* Check whether we have to swap the byte order. */ int must_swap = (word & 0x0fffffff) == bswap_32 (0xdeb00000); @@ -121,56 +150,32 @@ main (int argc, char *argv[]) /* We have two loops, one for 32 bit pointers, one for 64 bit pointers. */ if (word == 0xdeb00004) { - union - { - uint32_t ptrs[2]; - char bytes[8]; - } pair; + uint32_t ptrs[2]; while (1) { - size_t len = sizeof (pair); - size_t n; - - while (len > 0 - && (n = TEMP_FAILURE_RETRY (read (fd, &pair.bytes[8 - len], - len))) != 0) - len -= n; - - if (len != 0) - /* Nothing to read. */ + if (!read_exactly (fd, ptrs, sizeof (ptrs), + _("cannot read pointer pair"), true)) break; printf ("this = %#010" PRIx32 ", caller = %#010" PRIx32 "\n", - must_swap ? bswap_32 (pair.ptrs[0]) : pair.ptrs[0], - must_swap ? bswap_32 (pair.ptrs[1]) : pair.ptrs[1]); + must_swap ? bswap_32 (ptrs[0]) : ptrs[0], + must_swap ? bswap_32 (ptrs[1]) : ptrs[1]); } } else if (word == 0xdeb00008) { - union - { - uint64_t ptrs[2]; - char bytes[16]; - } pair; + uint64_t ptrs[2]; while (1) { - size_t len = sizeof (pair); - size_t n; - - while (len > 0 - && (n = TEMP_FAILURE_RETRY (read (fd, &pair.bytes[8 - len], - len))) != 0) - len -= n; - - if (len != 0) - /* Nothing to read. */ + if (!read_exactly (fd, ptrs, sizeof (ptrs), + _("cannot read pointer pair"), true)) break; printf ("this = %#018" PRIx64 ", caller = %#018" PRIx64 "\n", - must_swap ? bswap_64 (pair.ptrs[0]) : pair.ptrs[0], - must_swap ? bswap_64 (pair.ptrs[1]) : pair.ptrs[1]); + must_swap ? bswap_64 (ptrs[0]) : ptrs[0], + must_swap ? bswap_64 (ptrs[1]) : ptrs[1]); } } else