Message-Id: <200601061834.k06IYtLd061061@freebsd.czest.pl>
Date: Fri, 6 Jan 2006 18:34:56 GMT
From: "Wojciech A. Koszek"
To: FreeBSD-gnats-submit@FreeBSD.org
Subject: bin/91411: [PATCH] kvm(3) should handle empty files properly

>Number:         91411
>Category:       bin
>Synopsis:       [PATCH] kvm(3) should handle empty files properly
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Jan 06 18:40:04 GMT 2006
>Closed-Date:
>Last-Modified:
>Originator:     Wojciech A. Koszek
>Release:        FreeBSD 7.0-CURRENT i386
>Organization:
>Environment:
System: FreeBSD dunstan.freebsd.czest.pl 7.0-CURRENT FreeBSD 7.0-CURRENT #4: Mon Jan 2 21:27:11 CET 2006 root@dunstan.freebsd.czest.pl:/usr/obj/usr/src/sys/LAPTOP i386

>Description:
Right now you will get a segmentation fault with almost every application
linked with kvm(3) if the file whose name was passed in kvm_open.. has 0 bytes:

root@dunstan:(/usr/src/lib/libkvm)# touch /tmp/Zzz
root@dunstan:(/usr/src/lib/libkvm)# ps -M /tmp/Zzz
zsh: segmentation fault ps -M /tmp/Zzz

Besides ps(1), every program tries to properly handle the error value returned
from kvm_open*, which should be NULL (and this behaviour is documented in the
manual page).

>How-To-Repeat:
root@dunstan:(/usr/src/lib/libkvm)# touch /tmp/Zzz
root@dunstan:(/usr/src/lib/libkvm)# ps -M /tmp/Zzz
zsh: segmentation fault ps -M /tmp/Zzz

>Fix:
Patch is here:

http://freebsd.czest.pl/dunstan/FreeBSD/libkvm.0.patch

--- libkvm.0.patch begins here ---
(c) 2006 Wojciech A. Koszek
Patch against FreeBSD 7.0-CURRENT, kern.osreldate: 700011.
diff --exclude=CVS -upr /usr/src/bin/ps/ps.c src/bin/ps/ps.c --- /usr/src/bin/ps/ps.c Wed Feb 9 18:37:38 2005 +++ src/bin/ps/ps.c Wed Jan 4 23:00:47 2006 @@ -432,7 +432,7 @@ main(int argc, char *argv[]) xkeep = xkeep_implied; kd = kvm_openfiles(nlistf, memf, NULL, O_RDONLY, errbuf); - if (kd == 0) + if (kd == NULL) errx(1, "%s", errbuf); if (!_fmt) diff --exclude=CVS -upr /usr/src/lib/libkvm/kvm.c src/lib/libkvm/kvm.c --- /usr/src/lib/libkvm/kvm.c Tue Jul 19 16:48:58 2005 +++ src/lib/libkvm/kvm.c Wed Jan 4 22:59:11 2006 @@ -179,6 +179,15 @@ _kvm_open(kd, uf, mf, flag, errout) _kvm_syserr(kd, kd->program, "%s", mf); goto failed; } + /* + * Disallow access to 0-length files, since further initialization + * will cause segmentation fault. + */ + if (S_ISREG(st.st_mode) && st.st_size <= 0) { + errno = EINVAL; + _kvm_syserr(kd, kd->program, "empty file"); + goto failed; + } if (fcntl(kd->pmfd, F_SETFD, FD_CLOEXEC) < 0) { _kvm_syserr(kd, kd->program, "%s", mf); goto failed; @@ -225,10 +234,10 @@ failed: /* * Copy out the error if doing sane error semantics. */ - if (errout != 0) + if (errout != NULL) strlcpy(errout, kd->errbuf, _POSIX2_LINE_MAX); (void)kvm_close(kd); - return (0); + return (NULL); } kvm_t * --- libkvm.0.patch ends here --- >Release-Note: >Audit-Trail: >Unformatted:
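Review bot: In the kvm.c hunk at @@ -179,6 +179,15, the new error path forces `errno = EINVAL` and then calls `_kvm_syserr(kd, kd->program, "empty file")`, so the message drops the file name that the neighbouring failure paths report with `"%s", mf`, and an errno-derived suffix is attached to a condition that is not a failed system call. Suggest including `mf` in the message (for example `"%s: empty file", mf`) and reporting it through `_kvm_err` instead of faking an errno. Separately, `st.st_size <= 0` rejects only the zero-length case named in the comment; a regular file that is non-empty but shorter than what the later initialization reads still passes this check, so the reads that follow should verify their returned lengths too.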
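Review bot: The `0` to `NULL` replacements in the ps.c hunk (`if (kd == NULL)`) and in the `failed:` hunk of kvm.c (`errout != NULL`, `return (NULL)`) are style-only and do not change behaviour; ps.c already exits through `errx(1, "%s", errbuf)` on a null handle. Suggest splitting them from the empty-file check so the functional fix can be reviewed and merged on its own.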