Received: by 2002:a05:6358:c692:b0:131:369:b2a3 with SMTP id fe18csp631998rwb; Tue, 25 Jul 2023 23:37:45 -0700 (PDT) X-Google-Smtp-Source: APBJJlHr+nr+GUCnoQkQyKVBSA1yv9gGSaxW03VjYwWb/p3HLNiS6KLuvuCm2+08FvF4yHCjInDA X-Received: by 2002:a17:90a:4414:b0:262:e6c6:c2ec with SMTP id s20-20020a17090a441400b00262e6c6c2ecmr901949pjg.33.1690353465557; Tue, 25 Jul 2023 23:37:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1690353465; cv=none; d=google.com; s=arc-20160816; b=soLg2mH3ELWj/pRjPTXi9twO9Gd6KWhti4CfrE7MH7ibodLWqmvGTbOlHIuQEht47Y MBuobz4obxWBDsn2LGkl7moWZyKd/TJdmh/bQUcuBJAx3kz4D5uLADwORNfpCjN4aZLG omTwpOK5HOj8LDRFd40pZUabYz+xDb5Uk+IF9qrq06RKAiYTVVYAtK1VpLpMPBv+ucAl sRaOhO86d1J2PmhFn9SQ/qwiSyyWKmulk+VGzXdWAripJubR2M8QVP9d3/fHJsFVlGH7 J+7UGb3aZ8f5H9bQ3t2QOF9zqK3vLZByReqWkhE+GpUjZhtJq7pl1WpiI8hoExdJDPta YYbw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:message-id:content-transfer-encoding :mime-version:subject:date:from:dkim-signature; bh=tDzo138tk2drq5s5YkT0qjaJEjbyHEFRuGJs4QY7iqU=; fh=anc2sGzb4jD2esaicXVagBu3yoROfMJF46EhV8H+dZ8=; b=VVdaE2n2YgwxMYkRf45rumoMojgQEozPglTOWSqGqRnYVe3+j5gGzPIubb1uirzIQ/ UqBlXQeRvGFB5EH8vuDFPlEW5KtwAB4SNrdNZR06C1QEsn66vdR/DB+LQ9rAjZx80TnM EbG4XuCfzQcGIi3FzNM4F1EY3w901jmFrErw5t5b37XoJEPY7HkhSLKKgq7BCmwzAVyo 3GUeEUn+esSTGTGGWqxauwMRMP+fQcFHf3JjbiA+KoBVzhHF+JfZFFF0vcAA5y+u2fVU GBCq+TBLN9HPRfHQmT9z8XuDYNp9Z36rHuzbnLJTdmET6b/kg8mcd903xSJ+30G1Lpj5 yq7A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@weissschuh.net header.s=mail header.b=mFk3L4cg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from out1.vger.email (out1.vger.email. [2620:137:e000::1:20]) by mx.google.com with ESMTP id i34-20020a17090a3da500b0025690f8610bsi668414pjc.59.2023.07.25.23.37.32; Tue, 25 Jul 2023 23:37:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) client-ip=2620:137:e000::1:20; Authentication-Results: mx.google.com; dkim=pass header.i=@weissschuh.net header.s=mail header.b=mFk3L4cg; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::1:20 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231902AbjGZGI3 (ORCPT + 99 others); Wed, 26 Jul 2023 02:08:29 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:44440 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231854AbjGZGIV (ORCPT ); Wed, 26 Jul 2023 02:08:21 -0400 Received: from todd.t-8ch.de (todd.t-8ch.de [IPv6:2a01:4f8:c010:41de::1]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id AFD24F5; Tue, 25 Jul 2023 23:08:17 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=weissschuh.net; s=mail; t=1690351695; bh=v6O6SwuFgKs/SoAmzquypRykV9tYHTJm4FpBMJUzSEE=; h=From:Date:Subject:To:Cc:From; b=mFk3L4cgyTnJpqynGlSNzeDFNoOCUL/3sdUHZ4Rhvu53gpH6h8NI0eTBLvnEL4I0O H1Z4MAbVmWA98KZ3ix74euVOo+O264gX8M7xOzgv1nvm8qgKWrUNmnMY/BiIl+qNak rEeb2hZXTr3X2lnn7+R7oQ/cc9EIiWwHW4y0knWk= From: =?utf-8?q?Thomas_Wei=C3=9Fschuh?= Date: Wed, 26 Jul 2023 08:08:13 +0200 Subject: [PATCH] selftests/nolibc: avoid buffer underrun in space printing MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: 8bit Message-Id: <20230726-nolibc-result-width-v1-1-d1d2dc21844e@weissschuh.net> X-B4-Tracking: v=1; b=H4sIAEy4wGQC/x3MTQqAIBBA4avErBswk4KuEi1SxxwIC+0PwrsnL b/Fey8kikwJhuqFSBcn3kJBU1dg/BwWQrbFIIVsRS87DNvK2mCkdK4H3mwPj41TWmjlWjMLKOU eyfHzX8cp5w+ybX56ZQAAAA== To: Willy Tarreau , Shuah Khan , Zhangjin Wu Cc: linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, =?utf-8?q?Thomas_Wei=C3=9Fschuh?= X-Mailer: b4 0.12.3 X-Developer-Signature: v=1; a=ed25519-sha256; t=1690351694; l=1238; i=linux@weissschuh.net; s=20221212; h=from:subject:message-id; bh=v6O6SwuFgKs/SoAmzquypRykV9tYHTJm4FpBMJUzSEE=; b=RnPYAT0THCDr3pSIkFnyurroxKZQEZoV6fHlvEF71L/l3netZuAt2yUhzZhUzYBChtfpsy2dl whqCv19sqPTDt+DVSrBPtGM5DiopPoKOAJqZU1JRTMV9p3FYslsqPqN X-Developer-Key: i=linux@weissschuh.net; a=ed25519; pk=KcycQgFPX2wGR5azS7RhpBqedglOZVgRPfdFSPB1LNw= X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,SPF_HELO_NONE,SPF_PASS, T_SCC_BODY_TEXT_LINE,URIBL_BLOCKED autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on lindbergh.monkeyblade.net Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org If the test description is longer than the status alignment the parameter 'n' to putcharn() would lead to a signed underflow that then gets converted to a very large unsigned value. This in turn leads out-of-bound writes in memset() crashing the application. The failure case of EXPECT_PTRER() used in "mmap_bad" exhibits this exact behavior. Fixes: 8a27526f49f9 ("selftests/nolibc: add EXPECT_PTREQ, EXPECT_PTRNE and EXPECT_PTRER") Signed-off-by: Thomas Weißschuh --- tools/testing/selftests/nolibc/nolibc-test.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/tools/testing/selftests/nolibc/nolibc-test.c b/tools/testing/selftests/nolibc/nolibc-test.c index 03b1d30f5507..9b76603e4ce3 100644 --- a/tools/testing/selftests/nolibc/nolibc-test.c +++ b/tools/testing/selftests/nolibc/nolibc-test.c @@ -151,7 +151,8 @@ static void result(int llen, enum RESULT r) else msg = "[FAIL]"; - putcharn(' ', 64 - llen); + if (llen < 64) + putcharn(' ', 64 - llen); puts(msg); } --- base-commit: dfef4fc45d5713eb23d87f0863aff9c33bd4bfaf change-id: 20230726-nolibc-result-width-1f4b0b4f3ca0 Best regards, -- Thomas Weißschuh