Hi Bruno,
Thanks for the fix, LGTM, ack.
Thanks,
Tao Liu
On Wed, Mar 25, 2026 at 2:55 PM Bruno Faccini <bfaccini(a)nvidia.com> wrote:
crash-utility live session fails solid with a SEGV, where it seems
that with some (new?) kernels and configurations /proc/kcore
exposes a first "Note" program header along with a big number of
other headers (particularly when the direct-map area generated from the
physical memory map has a lot of entries), causing eheader[]
overflow (a stack underflow in fact, since it is an automatic
variable!) because the whole size exceeds MAX_KCORE_ELF_HEADER_SIZE.
This problem still occurs with the latest utility version, and the
following patch has been proven to fix it.
Signed-off-by: Bruno Faccini <bfaccini(a)nvidia.com>
diff --git a/netdump.c b/netdump.c
index 452ef72..7697613 100644
--- a/netdump.c
+++ b/netdump.c
@@ -4664,7 +4664,12 @@ proc_kcore_init_32(FILE *fp, int kcore_fd)
clean_exit(1);
}
- BCOPY(&eheader[0], &pkd->elf_header[0], pkd->header_size);
+ if (read(fd, pkd->elf_header, pkd->header_size) != pkd->header_size) {
+ sprintf(buf, "/proc/kcore: read");
+ perror(buf);
+ goto bailout;
+ }
+
pkd->notes32 = (Elf32_Phdr *)&pkd->elf_header[elf32->e_phoff];
pkd->load32 = pkd->notes32 + 1;
pkd->flags |= KCORE_ELF32;
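Review bot: the new read() in proc_kcore_init_32 depends on the current file offset of `fd`, which is not visible in this hunk; eheader[] was filled by an earlier read on the same descriptor, so unless the offset has been reset with lseek(fd, 0, SEEK_SET) before this point, `read(fd, pkd->elf_header, pkd->header_size)` will copy bytes starting after the first MAX_KCORE_ELF_HEADER_SIZE bytes rather than from the start of the file, and the later `&pkd->elf_header[elf32->e_phoff]` would then index into the wrong data. Either add the lseek immediately before the read, or use `pread(fd, pkd->elf_header, pkd->header_size, 0)` so the copy does not depend on prior position. Note also that the surrounding error path uses `clean_exit(1)` while the new block uses `goto bailout`; please confirm the bailout label is the intended cleanup for this function rather than a copy from the other variant.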
@@ -4738,7 +4743,12 @@ proc_kcore_init_64(FILE *fp, int kcore_fd)
clean_exit(1);
}
- BCOPY(&eheader[0], &pkd->elf_header[0], pkd->header_size);
+ if (read(fd, pkd->elf_header, pkd->header_size) != pkd->header_size) {
+ sprintf(buf, "/proc/kcore: read");
+ perror(buf);
+ goto bailout;
+ }
+
pkd->notes64 = (Elf64_Phdr *)&pkd->elf_header[elf64->e_phoff];
pkd->load64 = pkd->notes64 + 1;
pkd->flags |= KCORE_ELF64;
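Review bot: `perror(buf)` in proc_kcore_init_64 is only meaningful when read() returned -1; when it returns a short count (possible on /proc/kcore, since header_size can be large), errno is not set and perror will print a stale or unrelated message. Suggest distinguishing the two cases, e.g. `ssize_t n = read(fd, pkd->elf_header, pkd->header_size); if (n < 0) perror(...); else if (n != pkd->header_size) fprintf(stderr, "/proc/kcore: short read (%zd of %lu)\n", ...)`, or looping until header_size bytes are read. Since this block is byte-for-byte identical to the one in proc_kcore_init_32 (including the file-offset concern), consider factoring it into a small helper so both variants get the same offset handling and error reporting.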
--
Crash-utility mailing list -- devel(a)lists.crash-utility.osci.io
To unsubscribe send an email to devel-leave(a)lists.crash-utility.osci.io
https://${domain_name}/admin/lists/devel.lists.crash-utility.osci.io/
Contribution Guidelines:
https://github.com/crash-utility/crash/wiki