https://bugs.kde.org/show_bug.cgi?id=514094
Mark Wielaard <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[email protected]

--- Comment #4 from Mark Wielaard <[email protected]> ---
(In reply to Paul Floyd from comment #2)
> The same problem exists with readlinkat using an absolute path (and probably
> any combination of dirfd being /, /proc, /proc/self, /proc/pid and the path
> being the relative remainder to /proc/pid/exe or /proc/self/exe, but that's
> a corner case that we don't handle at all).
>
> The man page says
>
>     readlink() places the contents of the symbolic link pathname in the
>     buffer buf, which has size bufsiz. readlink() does not append a
>     terminating null byte to buf. It will (silently) truncate the contents
>     (to a length of bufsiz characters), in case the buffer is too small to
>     hold all of the contents.
>
> Since we aren't null terminating we may be within the letter of the law. I
> don't think that's a good enough excuse.
>
> Here is what is happening
>
> 1. PRE does its stuff
> 2. Valgrind does the client syscall which resolves the link to the tool exe
> 3. The post sees that it is a special case and does another syscall which
>    resolves to the guest exename
> 4. The buffer gets overwritten without null termination.
>
> What we really need to do is to move the special case syscall to the PRE
> function.

Are you sure? commit 0690dc39644d15fc89813419ffcdf9754b098260 says the special
syscall was done/moved explicitly into the POST handler:

    commit 0690dc39644d15fc89813419ffcdf9754b098260
    Author: Mark Wielaard <[email protected]>
    Date:   Sun Sep 22 23:24:34 2024 +0200

        Implement /proc/self/exe readlink[at] fallback in POST handler

        Calling the readlink[at] syscall directly from the PRE handler defeats
        the FUSE_COMPATIBLE_MAY_BLOCK (SfMayBlock) flag.

        Add a POST handler that only explicitly calls the readlink[at] handler
        for the /proc/self/exe fallback (this should be fine unless /proc is
        also implemented as fuse in this process).

        Adjust readlink[at] GENX_ and LINX_ syswrap macros to GENXY and LINXY.

        https://bugs.kde.org/show_bug.cgi?id=493507

So moving it back into the PRE handler will reintroduce that bug.
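An added example, not code from the bug report or from Valgrind, illustrating the readlink() behaviour the man page excerpt above describes: a raw call into a too-small buffer fills it completely and writes no terminator, while a wrapper that grows its buffer until the result fits recovers the whole target safely. The helper names readlink_alloc and demo_truncation and the symlink target are assumptions constructed for this example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
/* Read a symlink into a heap buffer that is grown until the target fits, then
 * NUL-terminate it. readlink() returns bufsiz both when it truncated and when
 * the target fits exactly, so n == cap means "retry with a bigger buffer".
 * Assumed helper (not Valgrind code); returns NULL with errno set on failure. */
static char *readlink_alloc(const char *path)
{
    size_t cap = 32;
    for (;;) {
        char *buf = malloc(cap);
        if (!buf) return NULL;
        ssize_t n = readlink(path, buf, cap);
        if (n < 0) { free(buf); return NULL; }
        if ((size_t)n < cap) { buf[n] = '\0'; return buf; }
        free(buf);
        if (cap > SIZE_MAX / 2) { errno = ENAMETOOLONG; return NULL; }
        cap *= 2;
    }
}
/* Constructed scenario: a symlink whose 43-byte target exceeds a 16-byte buffer.
 * Returns 0 when raw readlink() fills the buffer without a NUL and
 * readlink_alloc() returns the whole target; nonzero otherwise. */
static int demo_truncation(void)
{
    char dir[] = "/tmp/rlz-XXXXXX";
    if (!mkdtemp(dir)) return 1;
    char link[64];
    snprintf(link, sizeof link, "%s/lnk", dir);
    const char *target = "/some/long/constructed/target/path/bin/prog";
    int rc = 2;
    if (symlink(target, link) == 0) {
        char small[16];
        memset(small, 'X', sizeof small);   /* sentinel: no NUL anywhere */
        ssize_t n = readlink(link, small, sizeof small);
        int raw_truncated = n == (ssize_t)sizeof small
                            && memchr(small, '\0', sizeof small) == NULL;
        char *full = readlink_alloc(link);  /* 32 too small, 64 fits */
        int recovered = full && strcmp(full, target) == 0;
        free(full);
        rc = (raw_truncated && recovered) ? 0 : 3;
        unlink(link);
    }
    rmdir(dir);
    return rc;
}
```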
