linux-kernel.vger.kernel.org archive mirror
 help / color / mirror / Atom feed
From: Shuah Khan <skhan@linuxfoundation.org>
To: Fenghua Yu <fenghua.yu@intel.com>, Shuah Khan <shuah@kernel.org>,
	Tony Luck <tony.luck@intel.com>,
	Reinette Chatre <reinette.chatre@intel.com>,
	David Binderman <dcb314@hotmail.com>,
	Babu Moger <babu.moger@amd.com>,
	James Morse <james.morse@arm.com>,
	Ravi V Shankar <ravi.v.shankar@intel.com>,
	Shuah Khan <skhan@linuxfoundation.org>
Cc: linux-kernel <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH v4 11/17] selftests/resctrl: Enable gcc checks to detect buffer overflows
Date: Mon, 25 Jan 2021 19:38:54 -0700	[thread overview]
Message-ID: <11b8d4ef-c1ef-f00a-bf02-ea23e79065d6@linuxfoundation.org> (raw)
In-Reply-To: <20201130202010.178373-12-fenghua.yu@intel.com>

On 11/30/20 1:20 PM, Fenghua Yu wrote:
> David reported a buffer overflow error in the check_results() function of
> the cmt unit test and he suggested enabling _FORTIFY_SOURCE gcc compiler
> option to automatically detect any such errors.
> 
> Feature Test Macros man page describes_FORTIFY_SOURCE as below
> 
> "Defining this macro causes some lightweight checks to be performed to
> detect some buffer overflow errors when employing various string and memory
> manipulation functions (for example, memcpy, memset, stpcpy, strcpy,
> strncpy, strcat, strncat, sprintf, snprintf, vsprintf, vsnprintf, gets, and
> wide character variants thereof). For some functions, argument consistency
> is checked; for example, a check is made that open has been supplied with a
> mode argument when the specified flags include O_CREAT. Not all problems
> are detected, just some common cases.
> 
> If _FORTIFY_SOURCE is set to 1, with compiler optimization level 1 (gcc
> -O1) and above, checks that shouldn't change the behavior of conforming
> programs are performed.
> 
> With _FORTIFY_SOURCE set to 2, some more checking is added, but some
> conforming programs might fail.
> 
> Some of the checks can be performed at compile time (via macros logic
> implemented in header files), and result in compiler warnings; other checks
> take place at run time, and result in a run-time error if the check fails.
> 
> Use of this macro requires compiler support, available with gcc since
> version 4.0."
> 
> Fix the buffer overflow error in the check_results() function of the cmt
> unit test and enable _FORTIFY_SOURCE gcc check to catch any future buffer
> overflow errors.
> 
> Reported-by: David Binderman <dcb314@hotmail.com>
> Suggested-by: David Binderman <dcb314@hotmail.com>
> Signed-off-by: Fenghua Yu <fenghua.yu@intel.com>
> ---
>   tools/testing/selftests/resctrl/Makefile   | 2 +-
>   tools/testing/selftests/resctrl/cmt_test.c | 2 +-
>   2 files changed, 2 insertions(+), 2 deletions(-)
> 
> diff --git a/tools/testing/selftests/resctrl/Makefile b/tools/testing/selftests/resctrl/Makefile
> index d585cc1948cc..6bcee2ec91a9 100644
> --- a/tools/testing/selftests/resctrl/Makefile
> +++ b/tools/testing/selftests/resctrl/Makefile
> @@ -1,5 +1,5 @@
>   CC = $(CROSS_COMPILE)gcc
> -CFLAGS = -g -Wall
> +CFLAGS = -g -Wall -O2 -D_FORTIFY_SOURCE=2
>   SRCS=$(wildcard *.c)
>   OBJS=$(SRCS:.c=.o)
>   
> diff --git a/tools/testing/selftests/resctrl/cmt_test.c b/tools/testing/selftests/resctrl/cmt_test.c
> index 188b73b5a2cc..ac1a33d9ce12 100644
> --- a/tools/testing/selftests/resctrl/cmt_test.c
> +++ b/tools/testing/selftests/resctrl/cmt_test.c
> @@ -81,7 +81,7 @@ static int check_results(struct resctrl_val_param *param, int no_of_bits)
>   		return errno;
>   	}
>   
> -	while (fgets(temp, 1024, fp)) {
> +	while (fgets(temp, sizeof(temp), fp)) {
>   		char *token = strtok(temp, ":\t");
>   		int fields = 0;
>   
> 

This should be fixed first before the other changes.

thanks,
-- Shuah

  reply	other threads:[~2021-01-26 10:52 UTC|newest]

Thread overview: 33+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2020-11-30 20:19 [PATCH v4 00/17] Miscellaneous fixes for resctrl selftests Fenghua Yu
2020-11-30 20:19 ` [PATCH v4 01/17] selftests/resctrl: Fix compilation issues for global variables Fenghua Yu
2021-01-26  1:22   ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 02/17] selftests/resctrl: Clean up resctrl features check Fenghua Yu
2021-01-26  2:08   ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 03/17] selftests/resctrl: Rename CQM test as CMT test Fenghua Yu
2020-11-30 20:19 ` [PATCH v4 04/17] selftests/resctrl: Fix printed messages Fenghua Yu
2021-01-26  2:25   ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 05/17] selftests/resctrl: Add a few dependencies Fenghua Yu
2021-01-26  2:29   ` Shuah Khan
2020-11-30 20:19 ` [PATCH v4 06/17] selftests/resctrl: Check for resctrl mount point only if resctrl FS is supported Fenghua Yu
2021-01-26  2:32   ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 07/17] selftests/resctrl: Use resctrl/info for feature detection Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 08/17] selftests/resctrl: Ensure sibling CPU is not same as original CPU Fenghua Yu
2021-01-26  2:35   ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 09/17] selftests/resctrl: Fix missing options "-n" and "-p" Fenghua Yu
2021-01-26  2:36   ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 10/17] selftests/resctrl: Fix MBA/MBM results reporting format Fenghua Yu
2021-01-26  2:38   ` Shuah Khan
2020-11-30 20:20 ` [PATCH v4 11/17] selftests/resctrl: Enable gcc checks to detect buffer overflows Fenghua Yu
2021-01-26  2:38   ` Shuah Khan [this message]
2020-11-30 20:20 ` [PATCH v4 12/17] selftests/resctrl: Don't hard code value of "no_of_bits" variable Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 13/17] selftests/resctrl: Modularize resctrl test suite main() function Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 14/17] selftests/resctrl: Skip the test if requested resctrl feature is not supported Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 15/17] selftests/resctrl: Fix unmount resctrl FS Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 16/17] selftests/resctrl: Fix incorrect parsing of iMC counters Fenghua Yu
2020-11-30 20:20 ` [PATCH v4 17/17] selftests/resctrl: Fix checking for < 0 for unsigned values Fenghua Yu
2020-12-11  0:21 ` [PATCH v4 00/17] Miscellaneous fixes for resctrl selftests Yu, Fenghua
2021-01-25 20:47 ` Fenghua Yu
2021-01-25 21:52   ` Shuah Khan
2021-01-25 21:54     ` Fenghua Yu
2021-01-26  1:22 ` Shuah Khan
2021-01-26 23:57 ` Shuah Khan

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=11b8d4ef-c1ef-f00a-bf02-ea23e79065d6@linuxfoundation.org \
    --to=skhan@linuxfoundation.org \
    --cc=babu.moger@amd.com \
    --cc=dcb314@hotmail.com \
    --cc=fenghua.yu@intel.com \
    --cc=james.morse@arm.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=ravi.v.shankar@intel.com \
    --cc=reinette.chatre@intel.com \
    --cc=shuah@kernel.org \
    --cc=tony.luck@intel.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body. 
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).