From: Shuah Khan <skhan@linuxfoundation.org>
To: Fenghua Yu <fenghua.yu@intel.com>, Shuah Khan <shuah@kernel.org>,
Tony Luck <tony.luck@intel.com>,
Reinette Chatre <reinette.chatre@intel.com>,
David Binderman <dcb314@hotmail.com>,
Babu Moger <babu.moger@amd.com>,
James Morse <james.morse@arm.com>,
Ravi V Shankar <ravi.v.shankar@intel.com>,
Shuah Khan <skhan@linuxfoundation.org>
Cc: linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v4 11/17] selftests/resctrl: Enable gcc checks to detect buffer overflows
Date: Mon, 25 Jan 2021 19:38:54 -0700 [thread overview]
Message-ID: <11b8d4ef-c1ef-f00a-bf02-ea23e79065d6@linuxfoundation.org> (raw)
In-Reply-To: <20201130202010.178373-12-fenghua.yu@intel.com>
On 11/30/20 1:20 PM, Fenghua Yu wrote:
> David reported a buffer overflow error in the check_results() function of
> the cmt unit test and he suggested enabling _FORTIFY_SOURCE gcc compiler
> option to automatically detect any such errors.
>
> Feature Test Macros man page describes_FORTIFY_SOURCE as below
>
> "Defining this macro causes some lightweight checks to be performed to
> detect some buffer overflow errors when employing various string and memory
> manipulation functions (for example, memcpy, memset, stpcpy, strcpy,
> strncpy, strcat, strncat, sprintf, snprintf, vsprintf, vsnprintf, gets, and
> wide character variants thereof). For some functions, argument consistency
> is checked; for example, a check is made that open has been supplied with a
> mode argument when the specified flags include O_CREAT. Not all problems
> are detected, just some common cases.
>
> If _FORTIFY_SOURCE is set to 1, with compiler optimization level 1 (gcc
> -O1) and above, checks that shouldn't change the behavior of conforming
> programs are performed.
>
> With _FORTIFY_SOURCE set to 2, some more checking is added, but some
> conforming programs might fail.
>
> Some of the checks can be performed at compile time (via macros logic
> implemented in header files), and result in compiler warnings; other checks
> take place at run time, and result in a run-time error if the check fails.
>
> Use of this macro requires compiler support, available with gcc since
> version 4.0."
>
> Fix the buffer overflow error in the check_results() function of the cmt
> unit test and enable _FORTIFY_SOURCE gcc check to catch any future buffer
> overflow errors.
>
> Reported-by: David Binderman <dcb314@hotmail.com>
> Suggested-by: David Binderman <dcb314@hotmail.com>
> Signed-off-by: Fenghua Yu <fenghua.yu@intel.com>
> ---
> tools/testing/selftests/resctrl/Makefile | 2 +-
> tools/testing/selftests/resctrl/cmt_test.c | 2 +-
> 2 files changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/tools/testing/selftests/resctrl/Makefile b/tools/testing/selftests/resctrl/Makefile
> index d585cc1948cc..6bcee2ec91a9 100644
> --- a/tools/testing/selftests/resctrl/Makefile
> +++ b/tools/testing/selftests/resctrl/Makefile
> @@ -1,5 +1,5 @@
> CC = $(CROSS_COMPILE)gcc
> -CFLAGS = -g -Wall
> +CFLAGS = -g -Wall -O2 -D_FORTIFY_SOURCE=2
> SRCS=$(wildcard *.c)
> OBJS=$(SRCS:.c=.o)
>
> diff --git a/tools/testing/selftests/resctrl/cmt_test.c b/tools/testing/selftests/resctrl/cmt_test.c
> index 188b73b5a2cc..ac1a33d9ce12 100644
> --- a/tools/testing/selftests/resctrl/cmt_test.c
> +++ b/tools/testing/selftests/resctrl/cmt_test.c
> @@ -81,7 +81,7 @@ static int check_results(struct resctrl_val_param *param, int no_of_bits)
> return errno;
> }
>
> - while (fgets(temp, 1024, fp)) {
> + while (fgets(temp, sizeof(temp), fp)) {
> char *token = strtok(temp, ":\t");
> int fields = 0;
>
>
This should be fixed first before the other changes.
thanks,
-- Shuah
next prev parent reply other threads:[~2021-01-26 10:52 UTC|newest]
Thread overview: 33+ messages / expand[flat|nested] mbox.gz Atom feed top
2020-11-30 20:19 [PATCH v4 00/17] Miscellaneous fixes for resctrl selftests Fenghua Yu
2020-11-30 20:19 ` [PATCH v4 01/17] selftests/resctrl: Fix compilation issues for global variables Fenghua Yu
2021-01-26 1:22 ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 02/17] selftests/resctrl: Clean up resctrl features check Fenghua Yu
2021-01-26 2:08 ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 03/17] selftests/resctrl: Rename CQM test as CMT test Fenghua Yu
2020-11-30 20:19 ` [PATCH v4 04/17] selftests/resctrl: Fix printed messages Fenghua Yu
2021-01-26 2:25 ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 05/17] selftests/resctrl: Add a few dependencies Fenghua Yu
2021-01-26 2:29 ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 06/17] selftests/resctrl: Check for resctrl mount point only if resctrl FS is supported Fenghua Yu
2021-01-26 2:32 ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 07/17] selftests/resctrl: Use resctrl/info for feature detection Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 08/17] selftests/resctrl: Ensure sibling CPU is not same as original CPU Fenghua Yu
2021-01-26 2:35 ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 09/17] selftests/resctrl: Fix missing options "-n" and "-p" Fenghua Yu
2021-01-26 2:36 ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 10/17] selftests/resctrl: Fix MBA/MBM results reporting format Fenghua Yu
2021-01-26 2:38 ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 11/17] selftests/resctrl: Enable gcc checks to detect buffer overflows Fenghua Yu
2021-01-26 2:38 ` Shuah Khan [this message]
2020-11-30 20:20 ` [PATCH v4 12/17] selftests/resctrl: Don't hard code value of "no_of_bits" variable Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 13/17] selftests/resctrl: Modularize resctrl test suite main() function Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 14/17] selftests/resctrl: Skip the test if requested resctrl feature is not supported Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 15/17] selftests/resctrl: Fix unmount resctrl FS Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 16/17] selftests/resctrl: Fix incorrect parsing of iMC counters Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 17/17] selftests/resctrl: Fix checking for < 0 for unsigned values Fenghua Yu
2020-12-11 0:21 ` [PATCH v4 00/17] Miscellaneous fixes for resctrl selftests Yu, Fenghua
2021-01-25 20:47 ` Fenghua Yu
2021-01-25 21:52 ` Shuah Khan
2021-01-25 21:54 ` Fenghua Yu
2021-01-26 1:22 ` Shuah Khan
2021-01-26 23:57 ` Shuah Khan
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=11b8d4ef-c1ef-f00a-bf02-ea23e79065d6@linuxfoundation.org \
--to=skhan@linuxfoundation.org \
--cc=babu.moger@amd.com \
--cc=dcb314@hotmail.com \
--cc=fenghua.yu@intel.com \
--cc=james.morse@arm.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ravi.v.shankar@intel.com \
--cc=reinette.chatre@intel.com \
--cc=shuah@kernel.org \
--cc=tony.luck@intel.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).