Date: Mon, 27 Nov 2017 21:29:25 -0800
From: Andrei Vagin
To: Alexey Dobriyan
Cc: akpm@linux-foundation.org, linux-kernel@vger.kernel.org, xemul@virtuozzo.com
Subject: Re: proc: fix /proc/*/map_files lookup
Message-ID: <20171128052924.GA7047@outlook.office365.com>
In-Reply-To: <20171120212706.GA14325@avx2>

On Tue, Nov 21, 2017 at 12:27:06AM +0300, Alexey Dobriyan wrote:
> Current code does:
>
> 	if (sscanf(dentry->d_name.name, "%lx-%lx", start, end) != 2)
>
> However sscanf() is broken garbage.
>
> It silently accepts whitespace between format specifiers
> (did you know that?).
>
> It silently accepts valid strings which result in integer overflow.
>
> Do not use sscanf() for any even remotely reliable parsing code.

This patch breaks criu, criu has one place where a file name is generated as
map_files/%p-%p

openat(1048572, "map_files/0x7f9912dd5000-0x7f9912de4000", O_RDWR) = -1 ENOENT (No such file or directory) <0.000015>

And this code worked before this patch and it doesn't work with this
patch. And you have to know that we never break user-space programs ;)

But seriously, the patch looks good to me, but I would prefer to not
queue it into stable kernels.

Thanks,
Andrei

>
> OK
> 	# readlink '/proc/1/map_files/55a23af39000-55a23b05b000'
> 	/lib/systemd/systemd
>
> broken
> 	# readlink '/proc/1/map_files/ 55a23af39000-55a23b05b000'
> 	/lib/systemd/systemd
>
> broken
> 	# readlink '/proc/1/map_files/55a23af39000-55a23b05b000 '
> 	/lib/systemd/systemd
>
> very broken
> 	# readlink '/proc/1/map_files/1000000000000000055a23af39000-55a23b05b000'
> 	/lib/systemd/systemd
>
> Signed-off-by: Alexey Dobriyan
> Cc: stable@kernel.org
> --- > > fs/proc/base.c | 29 ++++++++++++++++++++++++++++- > 1 file changed, 28 insertions(+), 1 deletion(-) > > --- a/fs/proc/base.c > +++ b/fs/proc/base.c > @@ -100,6 +100,8 @@ > #include "internal.h" > #include "fd.h" > > +#include "../../lib/kstrtox.h" > + > /* NOTE: > * Implementing inode permission operations in /proc is almost > * certainly an error. Permission checks need to happen during 
> @@ -1907,8 +1909,33 @@ bool proc_fill_cache(struct file *file, struct dir_context *ctx, > static int dname_to_vma_addr(struct dentry *dentry, > unsigned long *start, unsigned long *end) > { > - if (sscanf(dentry->d_name.name, "%lx-%lx", start, end) != 2) > + const char *str = dentry->d_name.name; > + unsigned long long sval, eval; > + unsigned int len; > + > + len = _parse_integer(str, 16, &sval); > + if (len & KSTRTOX_OVERFLOW) > + return -EINVAL; > + if (sval != (unsigned long)sval) > + return -EINVAL; > + str += len; > + > + if (*str != '-') > return -EINVAL; > + str++; > + > + len = _parse_integer(str, 16, &eval); > + if (len & KSTRTOX_OVERFLOW) > + return -EINVAL; > + if (eval != (unsigned long)eval) > + return -EINVAL; > + str += len; > + > + if (*str != '\0') > + return -EINVAL; > + > + *start = sval; > + *end = eval; > > return 0; > }
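
Review bot: The `#include "../../lib/kstrtox.h"` added in the first hunk (@@ -100,6 +100,8 @@) reaches out of fs/proc into a lib/ header by relative path, so fs/proc/base.c now depends on `_parse_integer()` and `KSTRTOX_OVERFLOW` as that header defines them rather than on an interface under include/linux/. A short comment at the include saying why they are needed here (the dentry name is two numbers joined by '-', not a single NUL-terminated number) would help the next reader, and a small exported helper would remove the relative include altogether.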
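
Review bot: In the second hunk (@@ -1907,8 +1909,33 @@), neither `_parse_integer()` call in dname_to_vma_addr() is checked for having consumed at least one digit, so after `str += len` a name with an empty start or end field (for example "-55a23b05b000" or "55a23af39000-") still reaches `*start = sval; *end = eval;` with that field taken as 0. Adding `if (len == 0) return -EINVAL;` after each overflow check would reject those names. The new parser also stops accepting the `0x` prefix that `%lx` took, which is the `map_files/%p-%p` lookup the reply reports failing with ENOENT; the changelog should say whether that is intended, and the `Cc: stable@kernel.org` tag should be reconsidered in light of that report.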
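
The parsing difference this thread is about, as an added userspace example that is not part of the patch or of the kernel source: libc `sscanf()` stands in for the kernel's (an assumption, they are separate implementations), and `lax_parse`, `hex_field` and `strict_parse` are hypothetical names. It assumes a 64-bit `unsigned long` and feeds the names quoted in the thread as constructed input.

```c
#include <errno.h>
#include <limits.h>
#include <stdio.h>
#include <string.h>

static const char DIGITS[] = "0123456789abcdef";
/* Userspace stand-in for the old check: libc sscanf() with the same format. */
static int lax_parse(const char *s, unsigned long *start, unsigned long *end)
{
	return sscanf(s, "%lx-%lx", start, end) == 2 ? 0 : -EINVAL;
}

/* One lowercase hex field. Returns digits consumed; 0 = no digits or overflow. */
static size_t hex_field(const char *s, unsigned long *out)
{
	unsigned long v = 0;
	const char *p;
	size_t n = 0;
	for (; s[n] && (p = strchr(DIGITS, s[n])); n++) {
		if (v > (ULONG_MAX >> 4))
			return 0;	/* one more digit would overflow */
		v = (v << 4) | (unsigned long)(p - DIGITS);
	}
	*out = v;
	return n;
}

/* Strict form: "<hex>-<hex>" and nothing else (no blanks, no 0x, no empty field). */
static int strict_parse(const char *s, unsigned long *start, unsigned long *end)
{
	size_t n = hex_field(s, start);
	if (n == 0 || s[n] != '-')
		return -EINVAL;
	s += n + 1;
	n = hex_field(s, end);
	return (n == 0 || s[n] != '\0') ? -EINVAL : 0;
}

int main(void)
{
	/* Names quoted in the thread (constructed input, no /proc access). */
	const char *names[] = { "55a23af39000-55a23b05b000", " 55a23af39000-55a23b05b000",
				"55a23af39000-55a23b05b000 ", "0x7f9912dd5000-0x7f9912de4000" };
	unsigned long a, b;
	for (size_t i = 0; i < sizeof(names) / sizeof(names[0]); i++)
		printf("'%s': sscanf=%d strict=%d\n", names[i],
		       lax_parse(names[i], &a, &b), strict_parse(names[i], &a, &b));
	return 0;
}
```

The last name is the form criu generates with `%p-%p`: the `sscanf()` path accepts it and the strict path rejects it, which is the compatibility break reported in the reply.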