Date: Fri, 21 Mar 2014 09:26:26 GMT From: Peter Holm <pho@freebsd.org> To: freebsd-gnats-submit@FreeBSD.org Subject: amd64/187808: Pointer validation gone missing for __vdso_gettimeofday() Message-ID: <201403210926.s2L9QQDa004249@cgiserv.freebsd.org> Resent-Message-ID: <201403210930.s2L9U0u2070110@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 187808 >Category: amd64 >Synopsis: Pointer validation gone missing for __vdso_gettimeofday() >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-amd64 >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Fri Mar 21 09:30:00 UTC 2014 >Closed-Date: >Last-Modified: >Originator: Peter Holm >Release: HEAD >Organization: >Environment: FreeBSD t2.osted.lan 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r263418M: Thu Mar 20 07:20:51 CET 2014 pho@t2.osted.lan:/usr/src/sys/amd64/compile/PHO amd64 >Description: If first argument to gettimeofday() is an invalid pointer the call does not return EFAULT. >How-To-Repeat: $ cat -n gettimeofday.c 1 #include <err.h> 2 #include <stdio.h> 3 #include <sys/time.h> 4 #include <sys/syscall.h> 5 #include <unistd.h> 6 7 int 8 main(void) 9 { 10 if (syscall(SYS_gettimeofday, (void *)-1, NULL) == -1) 11 warn("syscall()"); 12 13 /* broken by r237434 */ 14 if (gettimeofday((void *)-1, NULL) == -1) 15 warn("gettimeofday()"); 16 17 return (0); 18 } $ cc -o gettimeofday -Wall -Wextra -O2 -g gettimeofday.c $ ./gettimeofday gettimeofday: syscall(): Bad address Segmentation fault (core dumped) $ >Fix: >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403210926.s2L9QQDa004249>