[Bug bpf/24946] New: printing hex sequences causes crash

[Bug bpf/24946] New: printing hex sequences causes crash

glaubitz at physik dot fu-berlin.de
https://sourceware.org/bugzilla/show_bug.cgi?id=24946

            Bug ID: 24946
           Summary: printing hex sequences causes crash
           Product: systemtap
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: bpf
          Assignee: systemtap at sourceware dot org
          Reporter: sapatel at redhat dot com
  Target Milestone: ---

The use of hex sequences is causing stapbpf to crash and produce a segmentation
fault. For example, the following script exhibits such behaviour:

stap --bpf -e 'probe oneshot { print("\x40") }'

--
You are receiving this mail because:
You are the assignee for the bug.

[Bug bpf/24946] printing hex sequences causes crash

glaubitz at physik dot fu-berlin.de
https://sourceware.org/bugzilla/show_bug.cgi?id=24946

--- Comment #1 from Sagar Patel <sapatel at redhat dot com> ---
The translation in stapbpf causes the iterator to reach the end of the string
after building the hex number, and then the loop increments the iterator again
and misses the stopping condition. This causes the loop to go out of range and
eventually run into a segmentation fault.

Additionally, the building of the hex number doesn't account for digits '8' and
'9', and as mentioned in PR24947 there is no check for valid hex sequences.


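The loop failure described in comment #1, shown as an added example that is not part of the original thread and is not stapbpf's code. The names `hex_value` and `translate_hex_escapes` are hypothetical, and the limit of two hex digits per `\x` escape is an assumption.

```cpp
#include <cstddef>
#include <string>

// Hypothetical helper: value of one hex digit, or -1 if c is not one.
// Covers the whole 0-9 range; the report notes '8' and '9' were missed.
static int hex_value(char c) {
  if (c >= '0' && c <= '9') return c - '0';
  if (c >= 'a' && c <= 'f') return c - 'a' + 10;
  if (c >= 'A' && c <= 'F') return c - 'A' + 10;
  return -1;
}

// Hypothetical translator: expands \xH or \xHH (assumed maximum of two
// digits) into one byte. Returns false for "\x" with no valid hex digit.
bool translate_hex_escapes(const std::string &in, std::string &out) {
  out.clear();
  std::size_t i = 0;
  // An index tested with '<' cannot step past the end. The failing
  // pattern is `for (; it != end; ++it)` where the body has already
  // advanced `it` to end, so the loop's own ++it skips the end test.
  while (i < in.size()) {
    if (in[i] != '\\' || i + 1 >= in.size() || in[i + 1] != 'x') {
      out.push_back(in[i++]);  // ordinary character, copied through
      continue;
    }
    i += 2;  // skip the "\x" prefix
    int value = 0, digits = 0;
    while (digits < 2 && i < in.size() && hex_value(in[i]) >= 0) {
      value = value * 16 + hex_value(in[i]);
      ++i;  // the only place the index advances inside an escape
      ++digits;
    }
    if (digits == 0) return false;  // invalid hex sequence
    out.push_back(static_cast<char>(value));
  }
  return true;
}

int main() {
  std::string out;
  // Constructed input: the string literal from the report's one-liner,
  // which ends immediately after the hex digits.
  return translate_hex_escapes("\\x40", out) && out == "@" ? 0 : 1;
}
```
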
[Bug bpf/24946] printing hex sequences causes crash

glaubitz at physik dot fu-berlin.de
https://sourceware.org/bugzilla/show_bug.cgi?id=24946

Sagar Patel <sapatel at redhat dot com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #2 from Sagar Patel <sapatel at redhat dot com> ---
Fixed in commit 728bbc1ac.

This is a temporary patch, and will be reverted after PR13371 is fixed.


[Bug bpf/24946] printing hex sequences causes crash

glaubitz at physik dot fu-berlin.de
https://sourceware.org/bugzilla/show_bug.cgi?id=24946

--- Comment #3 from Sagar Patel <sapatel at redhat dot com> ---
(In reply to Sagar Patel from comment #2)
> Fixed in commit 728bbc1ac.
>
> This is a temporary patch, and will be reverted after PR13371 is fixed.

The portion of the patch dealing with this PR will not be reverted, only the
portion dealing with PR24947 will be reverted.
