[DTrace-devel] [PATCH v3 2/7] cmd, libdtrace: fix potentially unsafe printf-like calls
Eugene Loh
eugene.loh at oracle.com
Wed Dec 7 05:10:47 UTC 2022
Reviewed-by: Eugene Loh <eugene.loh at oracle.com>
On 12/6/22 22:14, Kris Van Hees via DTrace-devel wrote:
> GCC 12 flagged some calls to printf-style functions for using a dynamic
> string as format without arguments. If the dymanic string somehow can
> be made to contain a substitution sequence (%<something>) this would be
> unsafe.
>
> Due to some special case handing for error strings ending in a newline
> character, the default error, liberr, and drop strings are adjusted as
> well.
>
> Signed-off-by: Kris Van Hees <kris.van.hees at oracle.com>
> ---
> cmd/dtrace.c | 4 ++--
> libdtrace/dt_handle.c | 13 +++++++------
> libdtrace/dt_printf.c | 2 +-
> 3 files changed, 10 insertions(+), 9 deletions(-)
>
> diff --git a/cmd/dtrace.c b/cmd/dtrace.c
> index 732150df..89edbc3f 100644
> --- a/cmd/dtrace.c
> +++ b/cmd/dtrace.c
> @@ -521,7 +521,7 @@ prochandler(pid_t pid, const char *msg, void *arg)
> static int
> errhandler(const dtrace_errdata_t *data, void *arg)
> {
> - error(data->dteda_msg);
> + error("%s\n", data->dteda_msg);
> return DTRACE_HANDLE_OK;
> }
>
> @@ -529,7 +529,7 @@ errhandler(const dtrace_errdata_t *data, void *arg)
> static int
> drophandler(const dtrace_dropdata_t *data, void *arg)
> {
> - error(data->dtdda_msg);
> + error("%s\n", data->dtdda_msg);
> return DTRACE_HANDLE_OK;
> }
>
> diff --git a/libdtrace/dt_handle.c b/libdtrace/dt_handle.c
> index 3c8f0287..6418aa64 100644
> --- a/libdtrace/dt_handle.c
> +++ b/libdtrace/dt_handle.c
> @@ -193,7 +193,7 @@ no_addr:
> }
>
> snprintf(str, len, "error on enabled probe ID %u (ID %u: %s:%s:%s:%s): "
> - "%s%s in %s%s\n",
> + "%s%s in %s%s",
> epid, errpd->id, errpd->prv, errpd->mod, errpd->fun,
> errpd->prb, dtrace_faultstr(dtp, err.dteda_fault), details,
> where, offinfo);
> @@ -233,7 +233,7 @@ dt_handle_liberr(dtrace_hdl_t *dtp, const dtrace_probedata_t *data,
> str = alloca(len);
>
> snprintf(str, len,
> - "error on enabled probe ID %u (ID %u: %s:%s:%s:%s): %s\n",
> + "error on enabled probe ID %u (ID %u: %s:%s:%s:%s): %s",
> data->dtpda_epid, errpd->id, errpd->prv, errpd->mod,
> errpd->fun, errpd->prb, faultstr);
>
> @@ -306,9 +306,10 @@ dt_handle_cpudrop(dtrace_hdl_t *dtp, processorid_t cpu,
> size = sizeof(str);
> }
>
> - snprintf(s, size, "%llu %sdrop%s on CPU %d\n",
> - (unsigned long long)howmany, what == DTRACEDROP_PRINCIPAL ? "" : "aggregation ",
> - howmany > 1 ? "s" : "", cpu);
> + snprintf(s, size, "%llu %sdrop%s on CPU %d",
> + (unsigned long long)howmany,
> + what == DTRACEDROP_PRINCIPAL ? "" : "aggregation ",
> + howmany > 1 ? "s" : "", cpu);
>
> if (dtp->dt_drophdlr == NULL)
> return dt_set_errno(dtp, EDT_DROPABORT);
> @@ -399,7 +400,7 @@ dt_handle_status(dtrace_hdl_t *dtp, dtrace_status_t *old, dtrace_status_t *new)
> size = sizeof(str);
> }
>
> - snprintf(s, size, "%llu %s%s%s\n",
> + snprintf(s, size, "%llu %s%s%s",
> (unsigned long long)nval - oval,
> _dt_droptab[i].dtdrt_str, (nval - oval > 1) ? "s" : "",
> _dt_droptab[i].dtdrt_msg != NULL ?
> diff --git a/libdtrace/dt_printf.c b/libdtrace/dt_printf.c
> index d060670a..6ee317e6 100644
> --- a/libdtrace/dt_printf.c
> +++ b/libdtrace/dt_printf.c
> @@ -1305,7 +1305,7 @@ dt_printf_format(dtrace_hdl_t *dtp, FILE *fp, const dt_pfargv_t *pfv,
> memcpy(tmp, pfd->pfd_prefix, pfd->pfd_preflen);
> tmp[pfd->pfd_preflen] = '\0';
>
> - if ((rval = dt_printf(dtp, fp, tmp)) < 0)
> + if ((rval = dt_printf(dtp, fp, "%s", tmp)) < 0)
> return rval;
>
> if (pfv->pfv_flags & DT_PRINTF_AGGREGATION) {
More information about the DTrace-devel
mailing list