From root@ftp0.uk.multiplay.co.uk  Sun May 24 19:13:21 2009
Return-Path: <root@ftp0.uk.multiplay.co.uk>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id CFDB9106564A
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 24 May 2009 19:13:21 +0000 (UTC)
	(envelope-from root@ftp0.uk.multiplay.co.uk)
Received: from ftp1.multiplay.co.uk (ftp0.uk.multiplay.co.uk [85.236.96.13])
	by mx1.freebsd.org (Postfix) with ESMTP id 72DE48FC29
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 24 May 2009 19:13:21 +0000 (UTC)
	(envelope-from root@ftp0.uk.multiplay.co.uk)
Received: from ftp1.multiplay.co.uk (localhost.multiplay.co.uk [127.0.0.1])
	by ftp1.multiplay.co.uk (8.14.3/8.14.3) with ESMTP id n4OJDKEw001069
	for <FreeBSD-gnats-submit@freebsd.org>; Sun, 24 May 2009 20:13:20 +0100 (BST)
	(envelope-from root@ftp0.uk.multiplay.co.uk)
Received: (from root@localhost)
	by ftp1.multiplay.co.uk (8.14.3/8.14.3/Submit) id n4OJDKvX001068;
	Sun, 24 May 2009 20:13:20 +0100 (BST)
	(envelope-from root)
Message-Id: <200905241913.n4OJDKvX001068@ftp1.multiplay.co.uk>
Date: Sun, 24 May 2009 20:13:20 +0100 (BST)
From: Steven Hartland & <steven.hartland@multiplay.co.uk>
Reply-To: Steven Hartland & <steven.hartland@multiplay.co.uk>
To: FreeBSD-gnats-submit@freebsd.org
Cc:
Subject: truss off by one error on syscall check
X-Send-Pr-Version: 3.113
X-GNATS-Notify:

>Number:         134916
>Category:       bin
>Synopsis:       truss off by one error on syscall check
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    delphij
>State:          closed
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sun May 24 19:20:02 UTC 2009
>Closed-Date:    Thu Jun 11 00:43:34 UTC 2009
>Last-Modified:  Thu Jun 11 00:43:34 UTC 2009
>Originator:     Steven Hartland &
>Release:        FreeBSD 7.2-RELEASE i386
>Organization:
Multiplay
>Environment:
System: FreeBSD ftp1.multiplay.co.uk 7.2-RELEASE FreeBSD 7.2-RELEASE #0: Sun May 24 19:21:08 BST 2009 root@ftp1.multiplay.co.uk:/usr/obj/usr/src/sys/MULTIPLAY i386

>Description:
	Truss has an invalid bounds check on syscalls which can result in a segv if an app which includes a syscall not listed is traced, e.g. a new Linux app.

>How-To-Repeat:
	Trace an application with a syscall greater than the max syscall listed
>Fix:
	Change all occurrences of:-
	(syscall_num < 0 || syscall_num > nsyscalls) ?  NULL : syscallnames[syscall_num];
	to:-
	(syscall_num < 0 || syscall_num >= nsyscalls) ?  NULL : syscallnames[syscall_num];


>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->patched 
State-Changed-By: delphij 
State-Changed-When: Thu May 28 00:38:55 UTC 2009 
State-Changed-Why:  
Patch applied against -HEAD, pending MFC. 


Responsible-Changed-From-To: freebsd-bugs->delphij 
Responsible-Changed-By: delphij 
Responsible-Changed-When: Thu May 28 00:38:55 UTC 2009 
Responsible-Changed-Why:  
Take. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=134916 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/134916: commit references a PR
Date: Thu, 28 May 2009 00:38:34 +0000 (UTC)

 Author: delphij
 Date: Thu May 28 00:38:24 2009
 New Revision: 192943
 URL: http://svn.freebsd.org/changeset/base/192943
 
 Log:
   Correct off-by-one issue in truss(1) which happens when system call number
   is nsyscalls.
   
   PR:		bin/134916
   Submitted by:	Steven Hartland <steven hartland multiplay co uk>
   MFC after:	2 weeks
 
 Modified:
   head/usr.bin/truss/amd64-fbsd.c
   head/usr.bin/truss/amd64-fbsd32.c
   head/usr.bin/truss/amd64-linux32.c
   head/usr.bin/truss/i386-fbsd.c
   head/usr.bin/truss/i386-linux.c
   head/usr.bin/truss/ia64-fbsd.c
   head/usr.bin/truss/mips-fbsd.c
   head/usr.bin/truss/powerpc-fbsd.c
   head/usr.bin/truss/sparc64-fbsd.c
 
 Modified: head/usr.bin/truss/amd64-fbsd.c
 ==============================================================================
 --- head/usr.bin/truss/amd64-fbsd.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/amd64-fbsd.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -142,7 +142,7 @@ amd64_syscall_entry(struct trussinfo *tr
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ?  NULL : syscallnames[syscall_num];
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ?  NULL : syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
    }
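
Review bot: The corrected comparison on the `fsc.name =` assignment is open-coded here and repeated in the other eight files this revision modifies, which is how one wrong operator ended up in nine places. Consider a single shared helper that takes the name table and its element count and returns NULL when `syscall_num < 0 || syscall_num >= count`, so the bound is written and reviewed once.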
 
 Modified: head/usr.bin/truss/amd64-fbsd32.c
 ==============================================================================
 --- head/usr.bin/truss/amd64-fbsd32.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/amd64-fbsd32.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -152,7 +152,7 @@ amd64_fbsd32_syscall_entry(struct trussi
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ? NULL :
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ? NULL :
        freebsd32_syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
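
Review bot: The bound in the changed line is `nsyscalls`, but the array indexed on the following line is `freebsd32_syscallnames`, and nothing in this hunk shows that the two belong together. Please confirm that `nsyscalls` in this file is the element count of `freebsd32_syscallnames` and not of the native table, ideally by deriving it from the array itself, since `>=` only protects the lookup if the count matches the table being indexed. The same question applies to `linux32_syscallnames` in amd64-linux32.c and `linux_syscallnames` in i386-linux.c.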
 
 Modified: head/usr.bin/truss/amd64-linux32.c
 ==============================================================================
 --- head/usr.bin/truss/amd64-linux32.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/amd64-linux32.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -124,7 +124,7 @@ amd64_linux32_syscall_entry(struct truss
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ? NULL : linux32_syscallnames[syscall_num];
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : linux32_syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
    }
 
 Modified: head/usr.bin/truss/i386-fbsd.c
 ==============================================================================
 --- head/usr.bin/truss/i386-fbsd.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/i386-fbsd.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -147,7 +147,7 @@ i386_syscall_entry(struct trussinfo *tru
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ? NULL : syscallnames[syscall_num];
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
    }
 
 Modified: head/usr.bin/truss/i386-linux.c
 ==============================================================================
 --- head/usr.bin/truss/i386-linux.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/i386-linux.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -124,7 +124,7 @@ i386_linux_syscall_entry(struct trussinf
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ? NULL : linux_syscallnames[syscall_num];
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : linux_syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
    }
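
Review bot: With `>=` in place, `syscall_num == nsyscalls` now reaches the `if (!fsc.name)` block, whose only action in the visible lines is the `fprintf` of "-- UNKNOWN SYSCALL %d --", so `fsc.name` is still NULL after the closing brace. The report names a Linux application as the trigger, so please check that the rest of `i386_linux_syscall_entry` never dereferences `fsc.name` without a NULL test, and note in the log which later uses were checked.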
 
 Modified: head/usr.bin/truss/ia64-fbsd.c
 ==============================================================================
 --- head/usr.bin/truss/ia64-fbsd.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/ia64-fbsd.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -135,7 +135,7 @@ ia64_syscall_entry(struct trussinfo *tru
      syscall_num = (int)*parm_offset++;
  
    fsc.number = syscall_num;
 -  fsc.name = (syscall_num < 0 || syscall_num > nsyscalls)
 +  fsc.name = (syscall_num < 0 || syscall_num >= nsyscalls)
        ? NULL : syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
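
Review bot: The context line `syscall_num = (int)*parm_offset++;` narrows the value to int before the range check in the changed line runs. If `*parm_offset` is wider than int, a value whose low 32 bits fall inside 0..nsyscalls-1 passes the check and is reported under the wrong name instead of as unknown. Consider range-checking the full-width value first and narrowing only after it has been accepted.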
 
 Modified: head/usr.bin/truss/mips-fbsd.c
 ==============================================================================
 --- head/usr.bin/truss/mips-fbsd.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/mips-fbsd.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -139,7 +139,7 @@ mips_syscall_entry(struct trussinfo *tru
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ? NULL : syscallnames[syscall_num];
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
    }
 
 Modified: head/usr.bin/truss/powerpc-fbsd.c
 ==============================================================================
 --- head/usr.bin/truss/powerpc-fbsd.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/powerpc-fbsd.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -149,7 +149,7 @@ powerpc_syscall_entry(struct trussinfo *
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ? NULL : syscallnames[syscall_num];
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
    }
 
 Modified: head/usr.bin/truss/sparc64-fbsd.c
 ==============================================================================
 --- head/usr.bin/truss/sparc64-fbsd.c	Thu May 28 00:18:11 2009	(r192942)
 +++ head/usr.bin/truss/sparc64-fbsd.c	Thu May 28 00:38:24 2009	(r192943)
 @@ -145,7 +145,7 @@ sparc64_syscall_entry(struct trussinfo *
  
    fsc.number = syscall_num;
    fsc.name =
 -    (syscall_num < 0 || syscall_num > nsyscalls) ? NULL : syscallnames[syscall_num];
 +    (syscall_num < 0 || syscall_num >= nsyscalls) ? NULL : syscallnames[syscall_num];
    if (!fsc.name) {
      fprintf(trussinfo->outfile, "-- UNKNOWN SYSCALL %d --\n", syscall_num);
    }
 
State-Changed-From-To: patched->closed 
State-Changed-By: delphij 
State-Changed-When: Thu Jun 11 00:43:08 UTC 2009 
State-Changed-Why:  
Patch MFC'ed to 7-STABLE, thanks for your submission! 

http://www.freebsd.org/cgi/query-pr.cgi?pr=134916 
>Unformatted:
