From: Long Li
To: "K . Y . Srinivasan", Haiyang Zhang, Stephen Hemminger, devel@linuxdriverproject.org, linux-kernel@vger.kernel.org
Cc: Paul Meyer, Long Li
Subject: [Revised PATCH v2] hv: kvp: Avoid reading past allocated blocks from KVP file
Date: Wed, 1 Nov 2017 11:45:26 -0700
Message-Id: <20171101184526.1689-1-longli@exchange.microsoft.com>

From: Paul Meyer

While reading in more than one block (50) of KVP records, the allocation goes per block, but the reads used the total number of allocated records (without resetting the pointer/stream). This causes the records buffer to overrun when the refresh reads more than one block over the previous capacity (e.g. reading more than 100 KVP records whereas the in-memory database was empty before).

Fix this by reading the correct number of KVP records from file each time.

Changes since v1:
1. Properly wrapped comment texts.
2. Added the 2nd Signed-off-by.

Signed-off-by: Paul Meyer
Signed-off-by: Long Li
---
 tools/hv/hv_kvp_daemon.c | 66 ++++++++----------------------------------------
 1 file changed, 10 insertions(+), 56 deletions(-)

diff --git a/tools/hv/hv_kvp_daemon.c b/tools/hv/hv_kvp_daemon.c index eaa3bec..2094036 100644 --- a/tools/hv/hv_kvp_daemon.c +++ b/tools/hv/hv_kvp_daemon.c 
@@ -193,11 +193,13 @@ static void kvp_update_mem_state(int pool) for (;;) { readp = &record[records_read]; records_read += fread(readp, sizeof(struct kvp_record), - ENTRIES_PER_BLOCK * num_blocks, - filep); + ENTRIES_PER_BLOCK * num_blocks - records_read, + filep); if (ferror(filep)) { - syslog(LOG_ERR, "Failed to read file, pool: %d", pool); + syslog(LOG_ERR, + "Failed to read file, pool: %d; error: %d %s", + pool, errno, strerror(errno)); exit(EXIT_FAILURE); } @@ -224,15 +226,11 @@ static void kvp_update_mem_state(int pool) fclose(filep); kvp_release_lock(pool); } + static int kvp_file_init(void) { int fd; - FILE *filep; - size_t records_read; char *fname; - struct kvp_record *record; - struct kvp_record *readp; - int num_blocks; int i; int alloc_unit = sizeof(struct kvp_record) * ENTRIES_PER_BLOCK; 
@@ -246,61 +244,17 @@ static int kvp_file_init(void) for (i = 0; i < KVP_POOL_COUNT; i++) { fname = kvp_file_info[i].fname; - records_read = 0; - num_blocks = 1; sprintf(fname, "%s/.kvp_pool_%d", KVP_CONFIG_LOC, i); fd = open(fname, O_RDWR | O_CREAT | O_CLOEXEC, 0644 /* rw-r--r-- */); if (fd == -1) return 1; - - filep = fopen(fname, "re"); - if (!filep) { - close(fd); - return 1; - } - - record = malloc(alloc_unit * num_blocks); - if (record == NULL) { - fclose(filep); - close(fd); - return 1; - } - for (;;) { - readp = &record[records_read]; - records_read += fread(readp, sizeof(struct kvp_record), - ENTRIES_PER_BLOCK, - filep); - - if (ferror(filep)) { - syslog(LOG_ERR, "Failed to read file, pool: %d", - i); - exit(EXIT_FAILURE); - } - - if (!feof(filep)) { - /* - * We have more data to read. - */ - num_blocks++; - record = realloc(record, alloc_unit * - num_blocks); - if (record == NULL) { - fclose(filep); - close(fd); - return 1; - } - continue; - } - break; - } kvp_file_info[i].fd = fd; - kvp_file_info[i].num_blocks = num_blocks; - kvp_file_info[i].records = record; - kvp_file_info[i].num_records = records_read; - fclose(filep); - + kvp_file_info[i].num_blocks = 1; + kvp_file_info[i].records = malloc(alloc_unit); + kvp_file_info[i].num_records = 0; + kvp_update_mem_state(i); } return 0; -- 2.7.4
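
Review bot: In the `@@ -193` hunk of kvp_update_mem_state(), the new fread() count `ENTRIES_PER_BLOCK * num_blocks - records_read` is only correct while records_read never exceeds the allocated capacity; if that invariant is ever broken, the subtraction goes negative or wraps (the variable types are not shown in this hunk) and fread() is again given a count larger than the buffer. Suggest computing the remaining capacity into a named local and failing explicitly when it is not positive, instead of relying on the growth logic outside this hunk to keep pace. The new syslog text with errno and strerror(errno) is not mentioned in the commit message and the patch adds no includes, so confirm <errno.h> and <string.h> are already pulled in and add a line to the changelog.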
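
Review bot: In the `@@ -246` hunk of kvp_file_init(), the result of `malloc(alloc_unit)` is stored in `kvp_file_info[i].records` with no NULL check, and `kvp_update_mem_state(i)` is called on the next line. The code being removed checked `record == NULL`, closed fd and returned 1, so the refactor drops an allocation-failure path that existed before. Suggest restoring it ahead of the kvp_update_mem_state() call, e.g. `if (kvp_file_info[i].records == NULL) { close(fd); return 1; }`. The commit message also describes only the read-count fix; the replacement of the duplicated read loop in kvp_file_init() by a call to kvp_update_mem_state() deserves a sentence there.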