On Wed, Nov 29, 2017 at 02:56:03PM -0800, Andrew Morton wrote:
> On Mon, 27 Nov 2017 21:29:25 -0800 Andrei Vagin <[email protected]> wrote:
>
> > On Tue, Nov 21, 2017 at 12:27:06AM +0300, Alexey Dobriyan wrote:
> > > Current code does:
> > >
> > > if (sscanf(dentry->d_name.name, "%lx-%lx", start, end) != 2)
> > >
> > > However sscanf() is broken garbage.
> > >
> > > It silently accepts whitespace between format specifiers
> > > (did you know that?).
> > >
> > > It silently accepts valid strings which result in integer overflow.
> > >
> > > Do not use sscanf() for any even remotely reliable parsing code.
> >
> > This patch breaks criu, criu has one places where a file name is generated
> > as map_files/%p-%p
> >
> > openat(1048572, "map_files/0x7f9912dd5000-0x7f9912de4000", O_RDWR) = -1 ENOENT (No such file or directory) <0.000015>
> >
> > And this code worked before this patch and it doesn't work with this
> > patch. And you have to know that we never break user-space programs ;)
> >
> > But seriously, the patch looks good to me, but I would prefer to not queue
> > it into stable kernels.
>
> The patch breaks CRIU but you're OK with merging it? How does that work ;)
It was a bug in criu. And this bug is on a minor path, which works when
memfd_create() isn't available. It is a reason why I ask to not
backport this patch to stable kernels.
In CRIU this bug can be triggered, only if this patch will be backported
to a kernel which version is lower than v3.16.
>
> Now I'm worried that it will break other things.
I think a chance is very small. All programs should use names which
listed in /proc/PID/map_files/.
From 1585442988192334402@xxx Wed Nov 29 22:57:37 +0000 2017
X-GM-THRID: 1584621974020232218
X-Gmail-Labels: Inbox,Category Forums,HistoricalUnread