From nobody Wed Feb 22 17:03:25 2023 X-Original-To: dev-commits-src-main@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4PMMtP4C9rz3tCJs; Wed, 22 Feb 2023 17:03:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from mxrelay.nyi.freebsd.org (mxrelay.nyi.freebsd.org [IPv6:2610:1c1:1:606c::19:3]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (4096 bits) client-digest SHA256) (Client CN "mxrelay.nyi.freebsd.org", Issuer "R3" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4PMMtP3m79z46tJ; Wed, 22 Feb 2023 17:03:25 +0000 (UTC) (envelope-from git@FreeBSD.org) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677085405; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=b4ceKR9IaIlUZdadsuzMRnbdCJf5J4LNXAn3vmWvHeg=; b=yIxAL0Q1iJeTS7pR0G/puvBljMmYfFbx9ioBJmVjhhT8JLyfOotsfALNwAY5pPkSW7UCzN U8vV6gsiMfOU29bcLHWN8D3yarA7GIrvBTgkU8TOfn6Ynz4LGBfmpct4lQJjREMHU8o4hl WAD9TKFUVBRLBFVXHtGHJjAHXcOEQ1cXscfApMETNW3ShsjFuTrFy/Zcz9bCP1lnHi21rw UusFXnracC/1ta2KCyYRuWf5O9zLaV+chDSu/JdxaVq/Tu0Rzj+W1wjccs48F0PtLb94Mr A++dGVQWFW8vK5Uf2pA19/AGbmtwsg8zyS33g6s0vvL3YUaB/1GuTao061hU3g== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=freebsd.org; s=dkim; t=1677085405; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=b4ceKR9IaIlUZdadsuzMRnbdCJf5J4LNXAn3vmWvHeg=; b=FV0IuYmYbT5R1wKH/xS26gy8oqmVGcgsgH3yhyEcXESIct14/GZ14JCxR+vvxR4Sbbqx2R EC0gVIYcBK8IOxvptE6G6GwhdHDF/U5lR4KnzSZebbjuQbQzXPZytVJRL2kx98wMZubuiE LLnQH6Cu+F2m6NXin6tjN2wgMrw54YNXD/ddZN8XzysrMAIPcp87EBk5DVkfO/as+0GwXG pmquSmbmoPndvdjOb/HlW7lQoyn8DZvKtQiSIoZunIIJSCQUVvWs9VzDjlh2nA4Exb+7dv MqZJ35EjXcZT2qJtlPa0RgHZj+sF6Utym5UuV3qC7NqRlPogJX7YlxjjqB85PA== ARC-Authentication-Results: i=1; mx1.freebsd.org; none ARC-Seal: i=1; s=dkim; d=freebsd.org; t=1677085405; a=rsa-sha256; cv=none; b=aq0eX2AAaXjTKHnC80faZaajvGH5OEhZeoezT2IcXJLpCcF5i4KqiMRVaLXPdtRE77kwwD dk8T/ngAQRWAuVgYo9G8/7dEMiLXGPSjVU8liL4IYHHJnpL760v5afMlP+Xm+Hm42PNIWv YTL6bieSz/tPHPSyrps3f/4JFHm7qMgSOKhB4mpgvj51Gn74kVpFPRucsLHPvxnkqJn+hE wohYuW4eycRWY5t+GUcv9BkeDdKth/+c/Yfwv6qtPtRPA0WcMBfnxOJ4PC1yC9I0aEUcKK MkcVqDZC0I5aRSbHPjmc8VQ9nZ8wZdzDedTys1rnJK9STbixImn4Nq2vq1q+hQ== Received: from gitrepo.freebsd.org (gitrepo.freebsd.org [IPv6:2610:1c1:1:6068::e6a:5]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (Client did not present a certificate) by mxrelay.nyi.freebsd.org (Postfix) with ESMTPS id 4PMMtP2rx5z17vW; Wed, 22 Feb 2023 17:03:25 +0000 (UTC) (envelope-from git@FreeBSD.org) Received: from gitrepo.freebsd.org ([127.0.1.44]) by gitrepo.freebsd.org (8.16.1/8.16.1) with ESMTP id 31MH3PIQ043480; Wed, 22 Feb 2023 17:03:25 GMT (envelope-from git@gitrepo.freebsd.org) Received: (from git@localhost) by gitrepo.freebsd.org (8.16.1/8.16.1/Submit) id 31MH3PPt043479; Wed, 22 Feb 2023 17:03:25 GMT (envelope-from git) Date: Wed, 22 Feb 2023 17:03:25 GMT Message-Id: <202302221703.31MH3PPt043479@gitrepo.freebsd.org> To: src-committers@FreeBSD.org, dev-commits-src-all@FreeBSD.org, dev-commits-src-main@FreeBSD.org From: Alan Somers Subject: git: 0c9df4afc239 - main - fusefs: fix a buffer overflow in the tests List-Id: Commit messages for the main branch of the src repository List-Archive: https://lists.freebsd.org/archives/dev-commits-src-main List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-dev-commits-src-main@freebsd.org X-BeenThere: dev-commits-src-main@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit X-Git-Committer: asomers X-Git-Repository: src X-Git-Refname: refs/heads/main X-Git-Reftype: branch X-Git-Commit: 0c9df4afc239ee52961443e95bca8be81f0dea9e Auto-Submitted: auto-generated X-ThisMailContainsUnwantedMimeParts: N The branch main has been updated by asomers: URL: https://cgit.FreeBSD.org/src/commit/?id=0c9df4afc239ee52961443e95bca8be81f0dea9e commit 0c9df4afc239ee52961443e95bca8be81f0dea9e Author: Alan Somers AuthorDate: 2023-02-22 00:13:56 +0000 Commit: Alan Somers CommitDate: 2023-02-22 17:03:01 +0000 fusefs: fix a buffer overflow in the tests The actual overflow occured in the ReadAhead.readahead test. Surprisingly it has never segfaulted or resulted in any bad behavior. MFC after: 1 week Sponsored by: Axcient Reviewed by: emaste Differential Revision: https://reviews.freebsd.org/D38718 --- tests/sys/fs/fusefs/bmap.cc | 2 ++ tests/sys/fs/fusefs/fallocate.cc | 3 +++ tests/sys/fs/fusefs/io.cc | 3 +++ tests/sys/fs/fusefs/mockfs.hh | 2 +- tests/sys/fs/fusefs/setattr.cc | 1 + tests/sys/fs/fusefs/utils.cc | 6 ++++++ tests/sys/fs/fusefs/write.cc | 2 ++ 7 files changed, 18 insertions(+), 1 deletion(-) diff --git a/tests/sys/fs/fusefs/bmap.cc b/tests/sys/fs/fusefs/bmap.cc index 56821f367a82..91d8ab563690 100644 --- a/tests/sys/fs/fusefs/bmap.cc +++ b/tests/sys/fs/fusefs/bmap.cc @@ -210,6 +210,8 @@ TEST_P(BmapEof, eof) _) ).WillOnce(Invoke(ReturnImmediate([=](auto in, auto& out) { size_t osize = in.body.read.size; + + assert(osize < sizeof(out.body.bytes)); out.header.len = sizeof(struct fuse_out_header) + osize; bzero(out.body.bytes, osize); }))); diff --git a/tests/sys/fs/fusefs/fallocate.cc b/tests/sys/fs/fusefs/fallocate.cc index 7ad2644980cf..e9d0ea997aa1 100644 --- a/tests/sys/fs/fusefs/fallocate.cc +++ b/tests/sys/fs/fusefs/fallocate.cc @@ -70,6 +70,7 @@ void expect_vop_stddeallocate(uint64_t ino, uint64_t off, uint64_t length) }, Eq(true)), _) ).WillOnce(Invoke(ReturnImmediate([=](auto in, auto& out) { + assert(in.body.read.size <= sizeof(out.body.bytes)); out.header.len = sizeof(struct fuse_out_header) + in.body.read.size; memset(out.body.bytes, 'X', in.body.read.size); @@ -79,6 +80,8 @@ void expect_vop_stddeallocate(uint64_t ino, uint64_t off, uint64_t length) const char *buf = (const char*)in.body.bytes + sizeof(struct fuse_write_in); + assert(length <= sizeof(in.body.bytes) - + sizeof(struct fuse_write_in)); return (in.header.opcode == FUSE_WRITE && in.header.nodeid == ino && in.body.write.offset == off && diff --git a/tests/sys/fs/fusefs/io.cc b/tests/sys/fs/fusefs/io.cc index 1502bd263f51..a8815434c6d8 100644 --- a/tests/sys/fs/fusefs/io.cc +++ b/tests/sys/fs/fusefs/io.cc @@ -141,6 +141,8 @@ void SetUp() ssize_t isize = in.body.write.size; off_t iofs = in.body.write.offset; + assert((size_t)isize <= sizeof(in.body.bytes) - + sizeof(struct fuse_write_in)); ASSERT_EQ(isize, pwrite(m_backing_fd, buf, isize, iofs)) << strerror(errno); SET_OUT_HEADER_LEN(out, write); @@ -158,6 +160,7 @@ void SetUp() void *buf = out.body.bytes; ssize_t osize; + assert((size_t)isize <= sizeof(out.body.bytes)); osize = pread(m_backing_fd, buf, isize, iofs); ASSERT_LE(0, osize) << strerror(errno); out.header.len = sizeof(struct fuse_out_header) + osize; diff --git a/tests/sys/fs/fusefs/mockfs.hh b/tests/sys/fs/fusefs/mockfs.hh index 121d985e56fe..edbaf7ef770f 100644 --- a/tests/sys/fs/fusefs/mockfs.hh +++ b/tests/sys/fs/fusefs/mockfs.hh @@ -206,7 +206,7 @@ union fuse_payloads_out { * The protocol places no limits on the size of bytes. Choose * a size big enough for anything we'll test. */ - uint8_t bytes[0x20000]; + uint8_t bytes[0x40000]; fuse_entry_out entry; fuse_entry_out_7_8 entry_7_8; fuse_lk_out getlk; diff --git a/tests/sys/fs/fusefs/setattr.cc b/tests/sys/fs/fusefs/setattr.cc index e245c274ba07..e08f2124e06f 100644 --- a/tests/sys/fs/fusefs/setattr.cc +++ b/tests/sys/fs/fusefs/setattr.cc @@ -530,6 +530,7 @@ TEST_F(Setattr, truncate_discards_cached_data) { auto osize = std::min( static_cast(cur_size) - in.body.read.offset, static_cast(in.body.read.size)); + assert(osize <= sizeof(out.body.bytes)); out.header.len = sizeof(struct fuse_out_header) + osize; if (should_have_data) memset(out.body.bytes, 'X', osize); diff --git a/tests/sys/fs/fusefs/utils.cc b/tests/sys/fs/fusefs/utils.cc index d4edca5ca945..b13ecfd9cb88 100644 --- a/tests/sys/fs/fusefs/utils.cc +++ b/tests/sys/fs/fusefs/utils.cc @@ -400,6 +400,7 @@ void FuseTest::expect_read(uint64_t ino, uint64_t offset, uint64_t isize, }, Eq(true)), _) ).WillOnce(Invoke(ReturnImmediate([=](auto in __unused, auto& out) { + assert(osize <= sizeof(out.body.bytes)); out.header.len = sizeof(struct fuse_out_header) + osize; memmove(out.body.bytes, contents, osize); }))).RetiresOnSaturation(); @@ -502,6 +503,8 @@ void FuseTest::expect_write(uint64_t ino, uint64_t offset, uint64_t isize, bool pid_ok; uint32_t wf = in.body.write.write_flags; + assert(isize <= sizeof(in.body.bytes) - + sizeof(struct fuse_write_in)); if (wf & FUSE_WRITE_CACHE) pid_ok = true; else @@ -534,6 +537,9 @@ void FuseTest::expect_write_7_8(uint64_t ino, uint64_t offset, uint64_t isize, const char *buf = (const char*)in.body.bytes + FUSE_COMPAT_WRITE_IN_SIZE; bool pid_ok = (pid_t)in.header.pid == getpid(); + + assert(isize <= sizeof(in.body.bytes) - + FUSE_COMPAT_WRITE_IN_SIZE); return (in.header.opcode == FUSE_WRITE && in.header.nodeid == ino && in.body.write.fh == FH && diff --git a/tests/sys/fs/fusefs/write.cc b/tests/sys/fs/fusefs/write.cc index 4e76414a601a..800376395e97 100644 --- a/tests/sys/fs/fusefs/write.cc +++ b/tests/sys/fs/fusefs/write.cc @@ -97,6 +97,8 @@ void maybe_expect_write(uint64_t ino, uint64_t offset, uint64_t size, const char *buf = (const char*)in.body.bytes + sizeof(struct fuse_write_in); + assert(size <= sizeof(in.body.bytes) - + sizeof(struct fuse_write_in)); return (in.header.opcode == FUSE_WRITE && in.header.nodeid == ino && in.body.write.offset == offset &&