Message ID | 20221128041948.58339-3-bgray@linux.ibm.com (mailing list archive) |
---|---|
State | Accepted |
Commit | 94ba4f2c33f42dae7813dc169a177e922a39560c |
Series | Expand selftest utils |
On Mon, 2022-11-28 at 15:19 +1100, Benjamin Gray wrote:
> - malloc() does not zero the buffer,
> - fread() does not null-terminate its output,
> - `cat /proc/sys/kernel/core_pattern | hexdump -C` shows the file is
>   not inherently null-terminated
>
> So using string operations on the buffer is risky. Explicitly add a null
> character to the end to make it safer.
>
> Signed-off-by: Benjamin Gray <bgray@linux.ibm.com>

Reviewed-by: Andrew Donnellan <ajd@linux.ibm.com>

> ---
> tools/testing/selftests/powerpc/ptrace/core-pkey.c | 4 +++-
> 1 file changed, 3 insertions(+), 1 deletion(-)
>
> diff --git a/tools/testing/selftests/powerpc/ptrace/core-pkey.c > b/tools/testing/selftests/powerpc/ptrace/core-pkey.c > index bbc05ffc5860..5c82ed9e7c65 100644 > --- a/tools/testing/selftests/powerpc/ptrace/core-pkey.c > +++ b/tools/testing/selftests/powerpc/ptrace/core-pkey.c > @@ -383,7 +383,7 @@ static int setup_core_pattern(char > **core_pattern_, bool *changed_) > goto out; > } > > - ret = fread(core_pattern, 1, PATH_MAX, f); > + ret = fread(core_pattern, 1, PATH_MAX - 1, f); > fclose(f); > if (!ret) { > perror("Error reading core_pattern file"); > @@ -391,6 +391,8 @@ static int setup_core_pattern(char > **core_pattern_, bool *changed_) > goto out; > } > > + core_pattern[ret] = '\0'; > + > /* Check whether we can predict the name of the core file. */ > if (!strcmp(core_pattern, "core") || !strcmp(core_pattern, > "core.%p")) > *changed_ = false;
diff --git a/tools/testing/selftests/powerpc/ptrace/core-pkey.c b/tools/testing/selftests/powerpc/ptrace/core-pkey.c index bbc05ffc5860..5c82ed9e7c65 100644 --- a/tools/testing/selftests/powerpc/ptrace/core-pkey.c +++ b/tools/testing/selftests/powerpc/ptrace/core-pkey.c @@ -383,7 +383,7 @@ static int setup_core_pattern(char **core_pattern_, bool *changed_) goto out; } - ret = fread(core_pattern, 1, PATH_MAX, f); + ret = fread(core_pattern, 1, PATH_MAX - 1, f); fclose(f); if (!ret) { perror("Error reading core_pattern file"); @@ -391,6 +391,8 @@ static int setup_core_pattern(char **core_pattern_, bool *changed_) goto out; } + core_pattern[ret] = '\0'; + /* Check whether we can predict the name of the core file. */ if (!strcmp(core_pattern, "core") || !strcmp(core_pattern, "core.%p")) *changed_ = false;
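Review bot: in the first hunk (@@ -383,7), `fclose(f)` runs between the `fread()` and the `perror()` in the `if (!ret)` branch, so errno may no longer describe the read by the time it is printed, and a zero return does not distinguish an empty file from a read error. Consider checking `ferror(f)` before `fclose(f)` and reporting from that. The new `PATH_MAX - 1` bound also only leaves room for the terminator if the buffer was allocated with PATH_MAX bytes, which is not visible in this hunk; deriving both from one named size would keep them in step.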
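Review bot: in the second hunk (@@ -391,6), `core_pattern[ret] = '\0';` makes the following `strcmp()` calls safe, but they compare against exactly "core" and "core.%p", and reading a string sysctl such as core_pattern normally returns the value followed by a newline, so neither comparison is likely to match. Consider stripping a trailing newline right after the terminator is written, for example `if (core_pattern[ret - 1] == '\n') core_pattern[ret - 1] = '\0';` (ret is non-zero at this point because of the earlier `if (!ret)` check).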
- malloc() does not zero the buffer,
- fread() does not null-terminate its output,
- `cat /proc/sys/kernel/core_pattern | hexdump -C` shows the file is not inherently null-terminated

So using string operations on the buffer is risky. Explicitly add a null character to the end to make it safer.

Signed-off-by: Benjamin Gray <bgray@linux.ibm.com>
---
tools/testing/selftests/powerpc/ptrace/core-pkey.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)