Date: Fri, 21 Mar 2014 13:00:01 GMT From: Peter Holm <peter@holm.cc> To: freebsd-amd64@FreeBSD.org Subject: Re: amd64/187808: Pointer validation gone missing for __vdso_gettimeofday() Message-ID: <201403211300.s2LD01Ob034184@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR amd64/187808; it has been noted by GNATS. From: Peter Holm <peter@holm.cc> To: Konstantin Belousov <kostikbel@gmail.com> Cc: freebsd-gnats-submit@freebsd.org Subject: Re: amd64/187808: Pointer validation gone missing for __vdso_gettimeofday() Date: Fri, 21 Mar 2014 13:56:46 +0100 On Fri, Mar 21, 2014 at 02:30:44PM +0200, Konstantin Belousov wrote: > On Fri, Mar 21, 2014 at 09:26:26AM +0000, Peter Holm wrote: > > > > >Number: 187808 > > >Category: amd64 > > >Synopsis: Pointer validation gone missing for __vdso_gettimeofday() > > >Confidential: no > > >Severity: non-critical > > >Priority: low > > >Responsible: freebsd-amd64 > > >State: open > > >Quarter: > > >Keywords: > > >Date-Required: > > >Class: sw-bug > > >Submitter-Id: current-users > > >Arrival-Date: Fri Mar 21 09:30:00 UTC 2014 > > >Closed-Date: > > >Last-Modified: > > >Originator: Peter Holm > > >Release: HEAD > > >Organization: > > >Environment: > > FreeBSD t2.osted.lan 11.0-CURRENT FreeBSD 11.0-CURRENT #0 r263418M: Thu Mar 20 07:20:51 CET 2014 pho@t2.osted.lan:/usr/src/sys/amd64/compile/PHO amd64 > > >Description: > > If first argument to gettimeofday() is an invalid pointer the call does not return EFAULT. > > >How-To-Repeat: > > $ cat -n gettimeofday.c > > 1 #include <err.h> > > 2 #include <stdio.h> > > 3 #include <sys/time.h> > > 4 #include <sys/syscall.h> > > 5 #include <unistd.h> > > 6 > > 7 int > > 8 main(void) > > 9 { > > 10 if (syscall(SYS_gettimeofday, (void *)-1, NULL) == -1) > > 11 warn("syscall()"); > > 12 > > 13 /* broken by r237434 */ > > 14 if (gettimeofday((void *)-1, NULL) == -1) > > 15 warn("gettimeofday()"); > > 16 > > 17 return (0); > > 18 } > > $ cc -o gettimeofday -Wall -Wextra -O2 -g gettimeofday.c > > $ ./gettimeofday > > gettimeofday: syscall(): Bad address > > Segmentation fault (core dumped) > > $ > > Nothing in the SUSvX requires the pointer to the struct timeval to be > validated, or rather, if pointer is not valid, the behaviour is undefined. > > It is impossible to 'fix' this in reliable manner for userspace function. > The expectations are the same as for other functions, e.g. strcmp(3). Thank you for the explanation. - Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201403211300.s2LD01Ob034184>