Hi Bruno,
Thanks for the fix, LGTM, ack.
Thanks,
Tao Liu
On Wed, Mar 25, 2026 at 2:55 PM Bruno Faccini <bfaccini(a)nvidia.com> wrote:
>
>
> crash-utility live session fails solid with a SEGV, where it seems
> that with some (new?) kernels and configurations /proc/kcore
> exposes a first “Note” program header along with a big number of
> other headers (particularly when the direct-map area generated from
> the physical memory map has a lot of entries), causing eheader[]
> overflow (a stack underflow in fact, since it is an automatic
> variable!) because the whole size exceeds MAX_KCORE_ELF_HEADER_SIZE.
> This problem still occurs with the latest utility version, and the
> following patch has been proven to fix it.
>
> Signed-off-by: Bruno Faccini <bfaccini(a)nvidia.com>
>
> diff --git a/netdump.c b/netdump.c
> index 452ef72..7697613 100644
> --- a/netdump.c
> +++ b/netdump.c
> @@ -4664,7 +4664,12 @@ proc_kcore_init_32(FILE *fp, int kcore_fd)
> clean_exit(1);
> }
>
> - BCOPY(&eheader[0], &pkd->elf_header[0], pkd->header_size);
> + if (read(fd, pkd->elf_header, pkd->header_size) !=
pkd->header_size) {
> + sprintf(buf, "/proc/kcore: read");
> + perror(buf);
> + goto bailout;
> + }
> +
> pkd->notes32 = (Elf32_Phdr *)&pkd->elf_header[elf32->e_phoff];
> pkd->load32 = pkd->notes32 + 1;
> pkd->flags |= KCORE_ELF32;
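Review bot: read() continues from the descriptor's current file offset, so if the first MAX_KCORE_ELF_HEADER_SIZE bytes of /proc/kcore were already read from fd into eheader[] earlier in proc_kcore_init_32 (that buffer is the source of the BCOPY being removed here), this new read starts partway into the file and fills pkd->elf_header with shifted bytes rather than the ELF header. Either reposition before the read, e.g. `if (lseek(fd, 0, SEEK_SET) == -1) { perror("/proc/kcore: lseek"); goto bailout; }`, or copy what eheader[] already holds and read only the remaining pkd->header_size - MAX_KCORE_ELF_HEADER_SIZE bytes. The direction of the change is right: header_size comes from the program headers and is not bounded by the stack buffer, so the old BCOPY read past the end of eheader[] whenever header_size exceeded MAX_KCORE_ELF_HEADER_SIZE, and reading straight into the malloc'd buffer of the correct size removes that over-read.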
> @@ -4738,7 +4743,12 @@ proc_kcore_init_64(FILE *fp, int kcore_fd)
> clean_exit(1);
> }
>
> - BCOPY(&eheader[0], &pkd->elf_header[0], pkd->header_size);
> + if (read(fd, pkd->elf_header, pkd->header_size) !=
pkd->header_size) {
> + sprintf(buf, "/proc/kcore: read");
> + perror(buf);
> + goto bailout;
> + }
> +
> pkd->notes64 = (Elf64_Phdr *)&pkd->elf_header[elf64->e_phoff];
> pkd->load64 = pkd->notes64 + 1;
> pkd->flags |= KCORE_ELF64;
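Review bot: the new bailout path is taken after pkd->elf_header has been allocated (the clean_exit(1) just above is the allocation-failure branch), so confirm that bailout frees or resets pkd->elf_header rather than leaving a partially filled buffer behind with pkd->header_size already set, and that pkd->header_size is only trusted once the full read has succeeded. This read/error block is now duplicated verbatim between proc_kcore_init_32 and proc_kcore_init_64 (and carries the same lseek question as the 32-bit hunk); a small helper that reads header_size bytes from offset 0 into pkd->elf_header, looping on short reads and treating only 0 and -1 as failure, would keep both paths identical. Minor: `sprintf(buf, "/proc/kcore: read"); perror(buf);` can simply be `perror("/proc/kcore: read");`.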
> --
> Crash-utility mailing list -- devel(a)lists.crash-utility.osci.io
> To unsubscribe send an email to devel-leave(a)lists.crash-utility.osci.io
> https://${domain_name}/admin/lists/devel.lists.crash-utility.osci.io/
> Contribution Guidelines: https://github.com/crash-utility/crash/wiki