[Crash-utility] [External Mail][????] Re: [PATCH] netdump: bugfix for read elf header
Mathias Krause
minipli at grsecurity.net
Mon Nov 30 14:47:14 UTC 2020
Am 30.11.20 um 14:50 schrieb 赵乾利:
> Please found below strace,read size only 232,it's less then
> "SAFE_NETDUMP_ELF_HEADER_SIZE".
> [...]
> open("/var/tmp/ramdump_elf_viw34m", O_RDWR) = 5
> read(5,
> "\177ELF\2\1\1\3\0\0\0\0\0\0\0\0\4\0\267\0\1\0\0\0\0\0\0\0\0\0\0\0"...,
> 304) = 232
Thanks, so it's really a small file. Is it a valid one, though?
> [...]
> write(6, "/var/tmp/ramdump_elf_viw34m: ELF"...,
> 72/var/tmp/ramdump_elf_viw34m: ELF header read: No such file or directory
> ) = 72
And that message is just misleading, as it's a stale error...
> [...]
>
>> Anyhow,this change introduces a regression to the code that's following,
> which
>> assumes the full 'size' was read, like the sanity checks for finding the
>> PT_NOTE program header. So you should either update 'size' so it mirrors
>> the actual bytes read or double-check that the kdump file you're trying
>> to analyze is actually a real one.
>
> After apply the patch,issue is gone,so it's not kdump files problem.
Ok, thanks for clarifying.
> How about below patch set?
>
> commit 8daecb704fa37a17e3c5294e35e593bfc1545016
> Author: Qianli Zhao <zhaoqianli at xiaomi.com>
> Date: Mon Nov 30 17:17:32 2020 +0800
>
> netdump: bugfix for read elf header
>
> Without the patch,errors may occur in reading the ELF header,
> causing the parsing to fail.header file size may smaller than
> SAFE_NETDUMP_ELF_HEADER_SIZE
>
> Signed-off-by: Qianli Zhao <zhaoqianli at xiaomi.com>
The subject is too generic and the description not accurate enough. How
about something like this?:
netdump: fix regression for tiny kdump files
Commit f42db6a33f0e ("Support core files with "unusual" layout")
increased the minimal file size from MIN_NETDUMP_ELF_HEADER_SIZE to
SAFE_NETDUMP_ELF_HEADER_SIZE which lead to crash rejecting very
small kdump files.
Fix that by erroring out only if we get less than
MIN_NETDUMP_ELF_HEADER_SIZE bytes.
> diff --git a/netdump.c b/netdump.c
> index c76d9dd..2e3e255 100644
> --- a/netdump.c
> +++ b/netdump.c
> @@ -142,7 +142,7 @@ is_netdump(char *file, ulong source_query)
> if (!read_flattened_format(fd, 0, eheader, size))
> goto bailout;
> } else {
> - if (read(fd, eheader, size) != size) {
> + if ((size = read(fd, eheader, size)) <
> MIN_NETDUMP_ELF_HEADER_SIZE) {
As size is unsigned, this would lead to different errors in case the
read() fails, i.e. returns -1.
Can you please do something like this instead?:
- change type of 'size' to 'ssize_t'
- change the "else" block as follows:
size = read(fd, eheader, size);
if (size < MIN_NETDUMP_ELF_HEADER_SIZE) {
sprintf(buf, "%s: ELF header read", file);
if (size < 0)
perror(buf);
else
fprintf(stderr, "%s: file too small!\n", buf);
goto bailout;
}
Thanks,
Mathias
> sprintf(buf, "%s: ELF header read", file);
> perror(buf);
> goto bailout;
More information about the Crash-utility
mailing list