[DTrace-devel] [PATCH 1/8 v3] Do not set NONALLOCA taint on VAR[IDX] (was: Do not set NONALLOCA taint on builtin array variables)

Kris Van Hees kris.van.hees at oracle.com
Mon Jun 6 17:57:59 UTC 2022


Woops - consider the #if 0 ... #else ... #endif gone (forgot to clean that up
before posting), and review the #else ... #endif only please.

On Mon, Jun 06, 2022 at 01:52:35PM -0400, Kris Van Hees via DTrace-devel wrote:
> The logic for setting a NONALLOCA taint on an identifier for stores of
> non-alloca, non-literal-0 values in the DT_OP_LBRAC handling in
> dt_node_op2() is incorrect.  We are removing it with this patch.
> Further analysis is necessary to determine whether it can be applied to
> the underlying array variable identifier and how.
> 
> Signed-off-by: Kris Van Hees <kris.van.hees at oracle.com>
> ---
>  libdtrace/dt_parser.c | 11 ++++++++++-
>  1 file changed, 10 insertions(+), 1 deletion(-)
> 
> diff --git a/libdtrace/dt_parser.c b/libdtrace/dt_parser.c
> index 4377bb06..43f1fecd 100644
> --- a/libdtrace/dt_parser.c
> +++ b/libdtrace/dt_parser.c
> @@ -4029,15 +4029,24 @@ asgn_common:
>  		dnp->dn_args = rp;
>  		dnp->dn_list = NULL;
>  
> +#if 0
>  		/*
>  		 * Transfer alloca taint.  Stores of non-alloca, non-literal-0
>  		 * values turn on DT_IDFLG_NONALLOCA to prevent this identifier
>  		 * from being used for alloca storage anywhere in the program.
> +		 * But only do this for user defined arrays.  Builtin arrays do
> +		 * not need this.
>  		 */
>  		if (dnp->dn_args->dn_flags & DT_NF_ALLOCA)
>  			dt_cook_taint_alloca(dnp, idp, dnp->dn_args);
> -		else if (dnp->dn_kind != DT_NODE_INT || dnp->dn_value != 0)
> +		else if (idp->di_id > DIF_VAR_ARRAY_MAX &&
> +			 (dnp->dn_kind != DT_NODE_INT || dnp->dn_value != 0))
>  			idp->di_flags |= DT_IDFLG_NONALLOCA;
> +#else
> +		/* Transfer alloca taint. */
> +		if (dnp->dn_args->dn_flags & DT_NF_ALLOCA)
> +			dt_cook_taint_alloca(dnp, idp, dnp->dn_args);
> +#endif
>  
>  		dt_node_free(lp);
>  		return dt_node_cook(dnp, idflags);
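Review bot: the `#if 0` branch, from `+#if 0` down to `+#else`, should be dropped before this is applied, as the follow-up already says. As posted, the dead branch still carries the `idp->di_id > DIF_VAR_ARRAY_MAX` condition and the "But only do this for user defined arrays" comment text, which contradicts the commit message's statement that the logic is being removed. Once it is gone, the change reduces to deleting the `else if (...) idp->di_flags |= DT_IDFLG_NONALLOCA;` arm and shortening the comment, and the diffstat (10 insertions, 1 deletion) will need regenerating. The commit message leaves open whether the taint can be applied to the underlying array variable identifier. A short comment beside `/* Transfer alloca taint. */` saying that DT_IDFLG_NONALLOCA is deliberately not set for VAR[IDX] stores would keep that open question visible in dt_node_op2() rather than only in the commit log.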
> -- 
> 2.34.1
> 
> 