From: "Steve Sakoman" <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][dunfell 09/28] pseudo: Fix xattr segfault
Date: Thu, 3 Dec 2020 05:07:59 -1000 [thread overview]
Message-ID: <48c770afc64b42af8386d9002ba9d3ce02acef41.1607007208.git.steve@sakoman.com> (raw)
In-Reply-To: <cover.1607007208.git.steve@sakoman.com>
From: Richard Purdie <richard.purdie@linuxfoundation.org>
Fix a NULL pointer dereference exposed by the path ignore code in
xattr handling.
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 929a27bf6cbca94d1141d2094ae0c915d93bd3f4)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
---
.../pseudo/files/xattr_fix.patch | 40 +++++++++++++++++++
meta/recipes-devtools/pseudo/pseudo_git.bb | 1 +
2 files changed, 41 insertions(+)
create mode 100644 meta/recipes-devtools/pseudo/files/xattr_fix.patch
diff --git a/meta/recipes-devtools/pseudo/files/xattr_fix.patch b/meta/recipes-devtools/pseudo/files/xattr_fix.patch
new file mode 100644
index 0000000000..61d0030b10
--- /dev/null
+++ b/meta/recipes-devtools/pseudo/files/xattr_fix.patch
@@ -0,0 +1,40 @@
+
+In the xattr handling functions, if result is NULL, which it can be
+with the path ignore code, there is a NULL pointer dereference and
+segfault. Everywhere else checks result first, this appears to just
+be an omission.
+
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Upstream-Status: Pending
+
+Index: git/ports/linux/xattr/pseudo_wrappers.c
+===================================================================
+--- git.orig/ports/linux/xattr/pseudo_wrappers.c
++++ git/ports/linux/xattr/pseudo_wrappers.c
+@@ -134,7 +134,7 @@ static ssize_t shared_getxattr(const cha
+ pseudo_debug(PDBGF_XATTR, "getxattr(%s [fd %d], %s)\n",
+ path ? path : "<no path>", fd, name);
+ pseudo_msg_t *result = pseudo_client_op(OP_GET_XATTR, 0, fd, -1, path, &buf, name);
+- if (result->result != RESULT_SUCCEED) {
++ if (!result || result->result != RESULT_SUCCEED) {
+ errno = ENOATTR;
+ return -1;
+ }
+@@ -254,7 +254,7 @@ static int shared_setxattr(const char *p
+ static ssize_t shared_listxattr(const char *path, int fd, char *list, size_t size) {
+ RC_AND_BUF
+ pseudo_msg_t *result = pseudo_client_op(OP_LIST_XATTR, 0, fd, -1, path, &buf);
+- if (result->result != RESULT_SUCCEED) {
++ if (!result || result->result != RESULT_SUCCEED) {
+ pseudo_debug(PDBGF_XATTR, "listxattr: no success.\n");
+ errno = ENOATTR;
+ return -1;
+@@ -276,7 +276,7 @@ static int shared_removexattr(const char
+ RC_AND_BUF
+ pseudo_msg_t *result = pseudo_client_op(OP_REMOVE_XATTR, 0, fd, -1, path, &buf, name);
+
+- if (result->result != RESULT_SUCCEED) {
++ if (!result || result->result != RESULT_SUCCEED) {
+ /* docs say ENOATTR, but I don't have one */
+ errno = ENOENT;
+ return -1;
diff --git a/meta/recipes-devtools/pseudo/pseudo_git.bb b/meta/recipes-devtools/pseudo/pseudo_git.bb
index a5e79ec9a5..7857b4f1b1 100644
--- a/meta/recipes-devtools/pseudo/pseudo_git.bb
+++ b/meta/recipes-devtools/pseudo/pseudo_git.bb
@@ -6,6 +6,7 @@ SRC_URI = "git://git.yoctoproject.org/pseudo;branch=oe-core \
file://add_ignore_paths.patch \
file://abort_on_mismatch.patch \
file://track_link_fds.patch \
+ file://xattr_fix.patch \
file://fallback-passwd \
file://fallback-group \
"
--
2.17.1
next prev parent reply other threads:[~2020-12-03 15:09 UTC|newest]
Thread overview: 37+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-12-03 15:07 [OE-core][dunfell 00/28] Patch review - pseudo file mode corruption fix series Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 01/28] pseudo: Switch to oe-core branch in git repo Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 02/28] pseudo: merge in fixes for setfacl issue Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 03/28] pseudo: Update to add OFC fcntl lock updates Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 04/28] pseudo: fix renaming to self Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 05/28] pseudo: Ignore mismatched inodes from the db Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 06/28] pseudo: Add support for ignoring paths from the pseudo DB Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 07/28] pseudo: Abort on mismatch patch Steve Sakoman
2020-12-03 15:07 ` [OE-core][dunfell 08/28] psuedo: Add tracking of linked files for fds Steve Sakoman
2020-12-03 15:07 ` Steve Sakoman [this message]
2020-12-03 15:08 ` [OE-core][dunfell 10/28] pseudo: Add may unlink patch Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 11/28] pseudo: Add pathfix patch Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 12/28] bitbake.conf: Remove TERM from default BB_HASHBASE_WHITELIST Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 13/28] base/bitbake.conf: Enable pseudo path filtering Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 14/28] wic: Fix permissions when using exclude or include path Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 15/28] wic: Fix multi images .wks with bitbake Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 16/28] wic: Avoid creating invalid pseudo directory Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 17/28] wic: Handle new PSEUDO_IGNORE_PATHS variable Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 18/28] pseudo: Fix statx function usage Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 19/28] devtool: remove unused variable Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 20/28] bitbake.conf: Extend PSEUDO_IGNORE_PATHS to ${COREBASE}/meta Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 21/28] abi_version,sanity: Tell users TMPDIR must be clean after pseudo changes Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 22/28] pseudo: Update to account for patches merged on branch Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 23/28] pseudo: Upgrade to include mkostemp64 wrapper Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 24/28] base.bbclass: use os.path.normpath instead of just comparing WORKDIR and S as strings Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 25/28] oeqa/selftest/runtime_test: Exclude gpg directory from pseudo database Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 26/28] tcl: adapt to potential pseudo changes Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 27/28] bitbake.conf: Exclude ${CCACHE_DIR} from pseudo database Steve Sakoman
2020-12-03 15:08 ` [OE-core][dunfell 28/28] uninative: Don't use single sstate for pseudo-native Steve Sakoman
2020-12-21 14:33 ` [OE-core][dunfell 00/28] Patch review - pseudo file mode corruption fix series Martin Jansa
2020-12-21 15:06 ` Steve Sakoman
2020-12-22 9:08 ` Erik Boto
2020-12-22 10:03 ` Richard Purdie
2020-12-22 13:50 ` Paul Barker
2020-12-22 14:57 ` Erik Boto
2020-12-22 15:09 ` Paul Barker
2020-12-22 17:53 ` Richard Purdie
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=48c770afc64b42af8386d9002ba9d3ce02acef41.1607007208.git.steve@sakoman.com \
--to=steve@sakoman.com \
--cc=openembedded-core@lists.openembedded.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.