From patchwork Mon Sep 9 11:48:58 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: Florian Weimer X-Patchwork-Id: 1982552 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=pass (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=hM6646yH; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=sourceware.org (client-ip=8.43.85.97; helo=server2.sourceware.org; envelope-from=libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org; receiver=patchwork.ozlabs.org) Received: from server2.sourceware.org (server2.sourceware.org [8.43.85.97]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4X2Q9K2l8Rz1y1S for ; Mon, 9 Sep 2024 21:49:25 +1000 (AEST) Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 2B9AA3858CDB for ; Mon, 9 Sep 2024 11:49:23 +0000 (GMT) X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by sourceware.org (Postfix) with ESMTP id 7E9C03858D20 for ; Mon, 9 Sep 2024 11:49:05 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 7E9C03858D20 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=redhat.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=redhat.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 7E9C03858D20 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=170.10.133.124 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1725882548; cv=none; b=aHMlTNp8JQdg9dW6e7M0sA96VpIF6QrhwqUPTFi/hByrbFb/3gqfqqUZSTiDcmG3nFTIx5MBn0oaookGpxdVQEPzXK8YNDrudJ+6AyATbmJIZsNUSFH7O567xzAvCGHdCIaZBAOagJSMIBP8R1ArTyfEfMQCf5/ChT4DRuLd4y4= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1725882548; c=relaxed/simple; bh=vbWHj8nikAMgXFexBcUzc9WAwQ7Xw1gDT6DhVEWH3ow=; h=DKIM-Signature:From:To:Subject:Date:Message-ID:MIME-Version; b=DiA+ta0ht6xzS1h/T0Jnm6BRB7Be+31YfgVkt9rPitwRPmTNZVYBg2M0nWlKtMsIZrcScOIoqcCk1zbNW/Z9zd2WBTm3s5bI6U5/D9UDPbNdT1Sgh4DwYORFO0bnFY1Y9gTVf7csHjp03g0PSkoSEuDdYYaxTlxsU3/O8coxXz8= ARC-Authentication-Results: i=1; server2.sourceware.org DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1725882545; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=0BunEFFmwTx1oBtZ5u4f4HbXLfcEw0qTTrD03iougzs=; b=hM6646yHjI4osQhd31US3SV/yu1psILgElahp137RSEib9fPAdq7Q+vCvyfkOhKMflHF6R xZhwRobS5yy2suZsl5eVWLghjSFCCFoKWnO2liit72aabKpa/uGBNgVDskXqXNKhQAEZNI 36IGcseohQXiS4bXgI/M+L3k58CtulI= Received: from mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (ec2-54-186-198-63.us-west-2.compute.amazonaws.com [54.186.198.63]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-144-UYL9aQzgOSeNxUYhQlEtfw-1; Mon, 09 Sep 2024 07:49:04 -0400 X-MC-Unique: UYL9aQzgOSeNxUYhQlEtfw-1 Received: from mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com [10.30.177.4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (No client certificate requested) by mx-prod-mc-04.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id 463C21945102; Mon, 9 Sep 2024 11:49:03 +0000 (UTC) Received: from oldenburg.str.redhat.com (unknown [10.2.16.4]) by mx-prod-int-01.mail-002.prod.us-west-2.aws.redhat.com (Postfix) with ESMTPS id C6DB330001A1; Mon, 9 Sep 2024 11:49:01 +0000 (UTC) From: Florian Weimer To: libc-alpha@sourceware.org Cc: Andreas Schwab Subject: [PATCH v3] debug: Fix read error handling in pcprofiledump Date: Mon, 09 Sep 2024 13:48:58 +0200 Message-ID: <877cblnj2t.fsf@oldenburg.str.redhat.com> User-Agent: Gnus/5.13 (Gnus v5.13) MIME-Version: 1.0 X-Scanned-By: MIMEDefang 3.4.1 on 10.30.177.4 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com X-Spam-Status: No, score=-10.8 required=5.0 tests=BAYES_00, DKIMWL_WL_HIGH, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H4, RCVD_IN_MSPIKE_WL, SPF_HELO_NONE, SPF_NONE, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: libc-alpha-bounces~incoming=patchwork.ozlabs.org@sourceware.org The reading loops did not check for read failures. Addresses a static analysis report. Manually tested by compiling a program with the GCC's -finstrument-functions option, running it with “LD_PRELOAD=debug/libpcprofile.so PCPROFILE_OUTPUT=output-file”, and reviewing the output of “debug/pcprofiledump output-file”. --- v2: Consolidate error message selection in read_exactly. This addresses Andreas' reviewer comment that error messages should only be translated upon demand. v3: Properly conclude the cleanup begun in v2. debug/pcprofiledump.c | 78 +++++++++++++++++++++++++++------------------------ 1 file changed, 42 insertions(+), 36 deletions(-) base-commit: 43669fcf7315f494bbbc2c040cedeb0fa8416a5f diff --git a/debug/pcprofiledump.c b/debug/pcprofiledump.c index 049a9c2744..b00b0f4196 100644 --- a/debug/pcprofiledump.c +++ b/debug/pcprofiledump.c @@ -75,6 +75,39 @@ static struct argp argp = options, parse_opt, args_doc, doc, NULL, more_help }; +/* Try to read SIZE bytes from FD and store them on BUF. Terminate + the process upon read error. Also terminate the process if less + than SIZE bytes are remaining in the file. If !IN_HEADER, do not + terminate the process if the end of the file is encountered + immediately, before any bytes are read. + + Returns true if SIZE bytes have been read, and false if no bytes + have been read due to an end-of-file condition. */ +static bool +read_exactly (int fd, void *buffer, size_t size, bool in_header) +{ + char *p = buffer; + char *end = p + size; + while (p < end) + { + ssize_t ret = TEMP_FAILURE_RETRY (read (fd, p, end - p)); + if (ret < 0) + error (EXIT_FAILURE, errno, + in_header ? _("cannot read header") + : _("cannot read pointer pair")); + if (ret == 0) + { + if (p == buffer && !in_header) + /* Nothing has been read. */ + return false; + error (EXIT_FAILURE, 0, + in_header ? _("unexpected end of file in header") + : _("unexpected end of file in pointer pair")); + } + p += ret; + } + return true; +} int main (int argc, char *argv[]) @@ -110,8 +143,7 @@ main (int argc, char *argv[]) /* Read the first 4-byte word. It contains the information about the word size and the endianness. */ uint32_t word; - if (TEMP_FAILURE_RETRY (read (fd, &word, 4)) != 4) - error (EXIT_FAILURE, errno, _("cannot read header")); + read_exactly (fd, &word, sizeof (word), true); /* Check whether we have to swap the byte order. */ int must_swap = (word & 0x0fffffff) == bswap_32 (0xdeb00000); @@ -121,56 +153,30 @@ main (int argc, char *argv[]) /* We have two loops, one for 32 bit pointers, one for 64 bit pointers. */ if (word == 0xdeb00004) { - union - { - uint32_t ptrs[2]; - char bytes[8]; - } pair; + uint32_t ptrs[2]; while (1) { - size_t len = sizeof (pair); - size_t n; - - while (len > 0 - && (n = TEMP_FAILURE_RETRY (read (fd, &pair.bytes[8 - len], - len))) != 0) - len -= n; - - if (len != 0) - /* Nothing to read. */ + if (!read_exactly (fd, ptrs, sizeof (ptrs), false)) break; printf ("this = %#010" PRIx32 ", caller = %#010" PRIx32 "\n", - must_swap ? bswap_32 (pair.ptrs[0]) : pair.ptrs[0], - must_swap ? bswap_32 (pair.ptrs[1]) : pair.ptrs[1]); + must_swap ? bswap_32 (ptrs[0]) : ptrs[0], + must_swap ? bswap_32 (ptrs[1]) : ptrs[1]); } } else if (word == 0xdeb00008) { - union - { - uint64_t ptrs[2]; - char bytes[16]; - } pair; + uint64_t ptrs[2]; while (1) { - size_t len = sizeof (pair); - size_t n; - - while (len > 0 - && (n = TEMP_FAILURE_RETRY (read (fd, &pair.bytes[8 - len], - len))) != 0) - len -= n; - - if (len != 0) - /* Nothing to read. */ + if (!read_exactly (fd, ptrs, sizeof (ptrs), false)) break; printf ("this = %#018" PRIx64 ", caller = %#018" PRIx64 "\n", - must_swap ? bswap_64 (pair.ptrs[0]) : pair.ptrs[0], - must_swap ? bswap_64 (pair.ptrs[1]) : pair.ptrs[1]); + must_swap ? bswap_64 (ptrs[0]) : ptrs[0], + must_swap ? bswap_64 (ptrs[1]) : ptrs[1]); } } else