From patchwork Thu Oct 27 15:33:06 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Szabolcs Nagy X-Patchwork-Id: 59542 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 2053338AA24F for ; Thu, 27 Oct 2022 15:36:21 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 2053338AA24F DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org; s=default; t=1666884981; bh=g3ByCVI7ZrgPnsfhH82oSkxcL6uBsvoYr6NG4tDse0Q=; h=To:Subject:Date:In-Reply-To:References:List-Id:List-Unsubscribe: List-Archive:List-Post:List-Help:List-Subscribe:From:Reply-To: From; b=Ru2PWqW2DOMb7eFq4oUxKAIFuZrYyHHJ09oGYkzm63Rv8/duu51fBQX7KP5nQQ9QR 3aALPLcDXTb/BthAGdx4kT+1fewRGnffAesXHnb/XLPgsKJ1F250oDLaHZSIAW4T+4 ho+WBmsyqjYVyAJ0KHW9s0ms9JEFNWqn5Sp6j6js= X-Original-To: libc-alpha@sourceware.org Delivered-To: libc-alpha@sourceware.org Received: from EUR05-VI1-obe.outbound.protection.outlook.com (mail-vi1eur05on2078.outbound.protection.outlook.com [40.107.21.78]) by sourceware.org (Postfix) with ESMTPS id 40D11381E5EB for ; Thu, 27 Oct 2022 15:33:22 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.1 sourceware.org 40D11381E5EB ARC-Seal: i=2; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=pass; b=bWMka09+j5hccRHYTxZJ7RmK3o9Pk2ff4UPE9rzYUb8fmoiXthwip2SRQlVQjVGR51W3XyXJiGotQH1i50bk3Gs14H4cyXCLcHs/qoo8wmXYIhNK5OUb8KHJ7G6hMFvS8vXr0LpuJDs8zIWx4WgPqd2GuSqN1vHTdX3JGiMdTPf2BQAXiXqroe+0/UkiLZRiejvuz/YebJTbTT69V4BKd5lF2VB27kTAW6qdhyn2zUymRLBKQENOsQVtieGy9ZsN39wDHf/+fOEadwURG61AjUtAZL91eABLO6ZSvPTFy4tMEJtDSEeeA/MJ7ZPaOptDo3kX792RMGIfibrhTdIpag== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=g3ByCVI7ZrgPnsfhH82oSkxcL6uBsvoYr6NG4tDse0Q=; b=cGworN+kIsFVkBACFIou3QRBFbVrkLXULZok5d2FyMn35yClDzblhLyQDillPfve0rdg57lkx7JBRtMcvhOrnuu8jEbziKBwqRBrwrpIN1DE4kpzExGU+RjgmfKo9MNmXUX6HtPVeucRDJ4axJWWv+4MI6sSv7numVn0orFh9JVAYTwhb3jkLYFJYvHPIiQoIVJ5rwTPlCibVKGiaTpRBm+wF+bvwHBadP8Hpy57LyZv5VQEP8rkDRQDe3NUas4kiiJY9MFGz2XOexsDsM8Fbxst89tZTF5p4frZSdqBuuN8WLuvVTbVhSrsCjIRGSOPl6lE4SdTQ1P4lIWCN1gRPg== ARC-Authentication-Results: i=2; mx.microsoft.com 1; spf=pass (sender ip is 63.35.35.123) smtp.rcpttodomain=sourceware.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com; arc=pass (0 oda=1 ltdi=1 spf=[1, 1, smtp.mailfrom=arm.com] dmarc=[1, 1, header.from=arm.com]) Received: from AS9PR04CA0172.eurprd04.prod.outlook.com (2603:10a6:20b:530::18) by GVXPR08MB7752.eurprd08.prod.outlook.com (2603:10a6:150:6::7) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.21; Thu, 27 Oct 2022 15:33:18 +0000 Received: from AM7EUR03FT047.eop-EUR03.prod.protection.outlook.com (2603:10a6:20b:530:cafe::8a) by AS9PR04CA0172.outlook.office365.com (2603:10a6:20b:530::18) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5769.15 via Frontend Transport; Thu, 27 Oct 2022 15:33:18 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 63.35.35.123) smtp.mailfrom=arm.com; dkim=pass (signature was verified) header.d=armh.onmicrosoft.com;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 63.35.35.123 as permitted sender) receiver=protection.outlook.com; client-ip=63.35.35.123; helo=64aa7808-outbound-1.mta.getcheckrecipient.com; pr=C Received: from 64aa7808-outbound-1.mta.getcheckrecipient.com (63.35.35.123) by AM7EUR03FT047.mail.protection.outlook.com (100.127.140.69) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5769.14 via Frontend Transport; Thu, 27 Oct 2022 15:33:18 +0000 Received: ("Tessian outbound 6c699027a257:v130"); Thu, 27 Oct 2022 15:33:18 +0000 X-CheckRecipientChecked: true X-CR-MTA-CID: a599590f8e01bc6a X-CR-MTA-TID: 64aa7808 Received: from eab757ee5f72.1 by 64aa7808-outbound-1.mta.getcheckrecipient.com id C66F9E9A-9A96-411D-A60D-9C83F4CC7D04.1; Thu, 27 Oct 2022 15:33:10 +0000 Received: from EUR04-HE1-obe.outbound.protection.outlook.com by 64aa7808-outbound-1.mta.getcheckrecipient.com with ESMTPS id eab757ee5f72.1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384); Thu, 27 Oct 2022 15:33:10 +0000 ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=F/siGYXwNnJMssx9emKrrlSQWXtUkQBhDc4k9Ku2ZUjgrG176Q0f+H5SsXS0zT54iAsyNW/s2WcuscPOU/nUS7YCapB7CMdap0k84+lQEYr/FR/BRAfXM8tyYnln7nFzc/qndbCh01+/oaSx/FsWej7yJ03xyFcG2ufzyUW9APBTweQQarz9nkVMykA2ALHyB5brZ/tl3tG4mQF1xriwA1OGeJTmJ8TyQzeWgRUBTL0wlk+OlGA2xz0MA7ebVNQg3jN46Rtu+O1nNMnEKmp86+n76kO2y6JLDSxkrEM+1bFG2t2rzcSfxjRHHJmwDKGuAOGa/ZOLXpu8FVGWAA0Hdw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=g3ByCVI7ZrgPnsfhH82oSkxcL6uBsvoYr6NG4tDse0Q=; b=NYGKnVTezjO3yTsRsZmht8O/MZto0QoWcYFVaIYZXNblzMikeG9E1/WaYxE317RjGkjcbIpRuQ0aMubuYzwmaMJfCmZXAagRHIzIo5YMPYSUc7/zQ0wTRtEB4QkiRsatyZGMyzaDhAKF5RliV2vifClqhdw4uQp7zT0cNYvoZIjEvEH8AtkPFBBahZ8qr1nDs/GGo8W44GcE9zKJtCauK9CMQq3wtebegk20PEBIlquDDLM8di+Xr4CNe+odugU8TCAaoROgS02t9XJkZPZfSnBnOG009Tt3fxnyMpRWuVmoyNrPGDGVP6BMkzBcHg5GE8vxbpczlpAreHMmuXGZSA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass (sender ip is 40.67.248.234) smtp.rcpttodomain=sourceware.org smtp.mailfrom=arm.com; dmarc=pass (p=none sp=none pct=100) action=none header.from=arm.com; dkim=none (message not signed); arc=none Received: from DB6PR0201CA0033.eurprd02.prod.outlook.com (2603:10a6:4:3f::43) by GV1PR08MB8667.eurprd08.prod.outlook.com (2603:10a6:150:85::13) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5746.28; Thu, 27 Oct 2022 15:33:08 +0000 Received: from DBAEUR03FT049.eop-EUR03.prod.protection.outlook.com (2603:10a6:4:3f:cafe::e6) by DB6PR0201CA0033.outlook.office365.com (2603:10a6:4:3f::43) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5769.14 via Frontend Transport; Thu, 27 Oct 2022 15:33:08 +0000 X-MS-Exchange-Authentication-Results: spf=pass (sender IP is 40.67.248.234) smtp.mailfrom=arm.com; dkim=none (message not signed) header.d=none;dmarc=pass action=none header.from=arm.com; Received-SPF: Pass (protection.outlook.com: domain of arm.com designates 40.67.248.234 as permitted sender) receiver=protection.outlook.com; client-ip=40.67.248.234; helo=nebula.arm.com; pr=C Received: from nebula.arm.com (40.67.248.234) by DBAEUR03FT049.mail.protection.outlook.com (100.127.142.192) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.20.5723.20 via Frontend Transport; Thu, 27 Oct 2022 15:33:08 +0000 Received: from AZ-NEU-EX03.Arm.com (10.251.24.31) by AZ-NEU-EX03.Arm.com (10.251.24.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.12; Thu, 27 Oct 2022 15:33:07 +0000 Received: from armchair.cambridge.arm.com (10.2.80.71) by mail.arm.com (10.251.24.31) with Microsoft SMTP Server id 15.1.2507.12 via Frontend Transport; Thu, 27 Oct 2022 15:33:06 +0000 To: Subject: [PATCH 11/20] elf: Fix alloca size in _dl_debug_vdprintf Date: Thu, 27 Oct 2022 16:33:06 +0100 Message-ID: <913439ddce2d33024fa0d0da5d9f4c6234a30cde.1666877952.git.szabolcs.nagy@arm.com> X-Mailer: git-send-email 2.25.1 In-Reply-To: References: MIME-Version: 1.0 X-EOPAttributedMessage: 1 X-MS-TrafficTypeDiagnostic: DBAEUR03FT049:EE_|GV1PR08MB8667:EE_|AM7EUR03FT047:EE_|GVXPR08MB7752:EE_ X-MS-Office365-Filtering-Correlation-Id: f0973f71-d496-49d5-7b47-08dab8309292 x-checkrecipientrouted: true NoDisclaimer: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam-Untrusted: BCL:0; X-Microsoft-Antispam-Message-Info-Original: rpHRhU9hAupsF4NNd8lJFrAaHvsz7BIGQ8+f70mXaMDQCUSJkCzeucih7ARswvEdUwhEsV0JtDbppoO+HfwkjiR/KJ3FQuip/2h58qak4ZyqBJkl128xYtJd47UFSRYqGo8fPsc+SnSEUQSX18AEOqx4w0X1Kxf/zQorNFoqNB+qFpUG7aVxBjhPIcQeE1R2ec7E+p31u2fhFG9HIiXpHBjm9FkCMPw29Hihkk6dOzjuyB3C7ekRU9dJNPfAxFcmP/baudmuzwhBNDJCJmRMitm+Ub2SWzWZNZfe+ZB285u8UdFln6iN8HUgccGQuscVT1Gq7Me6//K7hbeuuJI/iHvI0ooaRciqNJqjg7S5RB5dErMXU09jvRI6z2img4es4afHblNPf5HC5hlE9nhKFfhoNY6W4FaUusCKPaSUmPpUVjKFK8pNHmzJin0zHab5gz8qNg2tw788BZGu5dkLksRGt7zezQAYdkefnfyRq+gpfjfrGco/Q8F2QegqtpSjFFuucAPgAVAdaddec0in1JXVsqpB0Y5n8YCFTmYTsZBc0QbP+SQB5R6aGxfMnKJvxSxqFzu8YvEWw2bPDpV71BR9wm6M52Yk6tEV1w0e4npSX2qhCLbrTTQ7dilHyL639IAOGmDVj+pEGWlgTbeiNu4di8h5iH/JsgyZ4nR390UMlohAqxUNCZPYwm6NkEO1fEtSv4GLWHO+uGspM8iys+Y7/OBcPl5FwvlKhynQfhTYCZQi9J1W1G4QZN6t2jpsmOLY4LGzlgbe/aZd2ZjpZ9ei93v4f9gB7RFQgqBO3oQxI5OqFjcFh5ZJMhHyHv1G X-Forefront-Antispam-Report-Untrusted: CIP:40.67.248.234; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:nebula.arm.com; PTR:InfoDomainNonexistent; CAT:NONE; SFS:(13230022)(4636009)(376002)(136003)(39860400002)(396003)(346002)(451199015)(36840700001)(46966006)(40470700004)(47076005)(36756003)(2906002)(36860700001)(86362001)(44832011)(336012)(40460700003)(41300700001)(2616005)(426003)(186003)(81166007)(356005)(82740400003)(83380400001)(478600001)(6916009)(70206006)(70586007)(26005)(7696005)(316002)(8676002)(82310400005)(5660300002)(40480700001)(8936002)(36900700001); DIR:OUT; SFP:1101; X-MS-Exchange-Transport-CrossTenantHeadersStamped: GV1PR08MB8667 X-MS-Exchange-Transport-CrossTenantHeadersStripped: AM7EUR03FT047.eop-EUR03.prod.protection.outlook.com X-MS-PublicTrafficType: Email X-MS-Office365-Filtering-Correlation-Id-Prvs: bc1db469-0abd-414d-bec2-08dab8308c90 X-Microsoft-Antispam: BCL:0; X-Microsoft-Antispam-Message-Info: 5JLHLyuHx+LTyxDkT+5Fd+MfSYS4CSIzArAoJrKVVfkQuzs/DUBionxPsKCXOsfQfc2k1ai8oufLbpVzfRahrxUHqLZk/EawRWnYWYm/NEdUred6cgB5y7ALzs0X4kwJXplqEG5zLRQc0utCVOCFuzqoWVdoAHzc/7ebsvuwVkurZjLfksIu/PF40ng1tq1BfCAwpqUBsPw9DcA2feyPDyGLYDysr7X5RNE9g2D8tAPjBrIoiz9wzC4MWaIKII+5tE17dRH/v6rb26eGvReupDNJmv89T1Xfia95VT7qiF5XQa5bvU3bp5/0pF9QYCu9XhwZQl7mmNd4hMH5qRtl6bcgaJ9kdRm9NWE7jJWqCb7yBeTBu45dibATKTXudGJdA9Wk1tJ4k2qOikMYFbLkXVhiA3APKxVsQ166QD2+6OO1Y3sbMpdurBF4wzChe6tJ7/d3fVAGFp2atrMX7+NhRyaQJzxoodHFOF3zzYkpdh10WAHd1d2xQPssPa7u3dFeDiRoPXuSfC1lJQKEopAbqBngjrMEGp2AGDlh0PgJ5dRLqqeeDvRNRNt99AKJ/daehUUgrtERMjIsqqix+nXAjlgrsGnvhaZk5sP8Iyy3T8bye6g2t48kLQpylPy0Ba5CUpTdiJE7hbt5y/eBbXVotO0nBiclDGOPmWRBgbRyJMY9tadqOjX4hIqy4Ub6i7L9/yu+Z3yh9DnR8XbiezeH5ndc61c11lLx7x3dxoEw3ZFMCweG3j8pHfPB+Nv/z8ugnsyCCqmw//ZsJeuqEiq5YQ== X-Forefront-Antispam-Report: CIP:63.35.35.123; CTRY:IE; LANG:en; SCL:1; SRV:; IPV:CAL; SFV:NSPM; H:64aa7808-outbound-1.mta.getcheckrecipient.com; PTR:ec2-63-35-35-123.eu-west-1.compute.amazonaws.com; CAT:NONE; SFS:(13230022)(4636009)(346002)(39860400002)(396003)(376002)(136003)(451199015)(36840700001)(46966006)(40470700004)(82740400003)(426003)(82310400005)(40480700001)(81166007)(86362001)(47076005)(478600001)(6916009)(83380400001)(8936002)(7696005)(316002)(36756003)(26005)(40460700003)(70586007)(41300700001)(44832011)(36860700001)(2906002)(336012)(186003)(5660300002)(70206006)(8676002)(2616005); DIR:OUT; SFP:1101; X-OriginatorOrg: arm.com X-MS-Exchange-CrossTenant-OriginalArrivalTime: 27 Oct 2022 15:33:18.2892 (UTC) X-MS-Exchange-CrossTenant-Network-Message-Id: f0973f71-d496-49d5-7b47-08dab8309292 X-MS-Exchange-CrossTenant-Id: f34e5979-57d9-4aaa-ad4d-b122a662184d X-MS-Exchange-CrossTenant-OriginalAttributedTenantConnectingIp: TenantId=f34e5979-57d9-4aaa-ad4d-b122a662184d; Ip=[63.35.35.123]; Helo=[64aa7808-outbound-1.mta.getcheckrecipient.com] X-MS-Exchange-CrossTenant-AuthSource: AM7EUR03FT047.eop-EUR03.prod.protection.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Anonymous X-MS-Exchange-CrossTenant-FromEntityHeader: HybridOnPrem X-MS-Exchange-Transport-CrossTenantHeadersStamped: GVXPR08MB7752 X-Spam-Status: No, score=-11.9 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, FORGED_SPF_HELO, GIT_PATCH_0, KAM_DMARC_NONE, RCVD_IN_DNSWL_NONE, RCVD_IN_MSPIKE_H2, SPF_HELO_PASS, SPF_NONE, TXREP, UNPARSEABLE_RELAY autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: libc-alpha@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Libc-alpha mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-Patchwork-Original-From: Szabolcs Nagy via Libc-alpha From: Szabolcs Nagy Reply-To: Szabolcs Nagy Errors-To: libc-alpha-bounces+patchwork=sourceware.org@sourceware.org Sender: "Libc-alpha" The alloca size did not consider the optional width parameter for padding which could cause buffer underflow. The width is currently used e.g. by _dl_map_object_from_fd which passes 2 * sizeof(void *) which can be larger than the alloca buffer size on targets where sizeof(void *) >= 2 * sizeof(unsigned long). Even if large width is not used on existing targets it is better to fix the formatting code to avoid surprises. Reviewed-by: Florian Weimer --- elf/dl-printf.c | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/elf/dl-printf.c b/elf/dl-printf.c index 429d2e80c2..00c114002c 100644 --- a/elf/dl-printf.c +++ b/elf/dl-printf.c @@ -163,8 +163,11 @@ _dl_debug_vdprintf (int fd, int tag_p, const char *fmt, va_list arg) /* We use alloca() to allocate the buffer with the most pessimistic guess for the size. Using alloca() allows having more than one integer formatting in a call. */ - char *buf = (char *) alloca (1 + 3 * sizeof (unsigned long int)); - char *endp = &buf[1 + 3 * sizeof (unsigned long int)]; + int size = 1 + 3 * sizeof (unsigned long int); + if (width + 1 > size) + size = width + 1; + char *buf = (char *) alloca (size); + char *endp = &buf[size]; char *cp = _itoa (num, endp, *fmt == 'x' ? 16 : 10, 0); /* Pad to the width the user specified. */