From: <sv...@va...> - 2005-09-23 13:50:32
Author: sewardj
Date: 2005-09-23 14:50:29 +0100 (Fri, 23 Sep 2005)
New Revision: 4735
Log:
sigaction wrappers: don't dereference 'act' without first checking it
isn't going to cause a segfault. I'm not sure how
memcheck/tests/x86/scalar managed to not crash V at this point without
such a check.
Modified:
branches/ASPACEM/coregrind/m_syswrap/priv_syswrap-generic.h
branches/ASPACEM/coregrind/m_syswrap/syswrap-generic.c
branches/ASPACEM/coregrind/m_syswrap/syswrap-x86-linux.c
Modified: branches/ASPACEM/coregrind/m_syswrap/priv_syswrap-generic.h
===================================================================
--- branches/ASPACEM/coregrind/m_syswrap/priv_syswrap-generic.h 2005-09-2=
3 13:47:34 UTC (rev 4734)
+++ branches/ASPACEM/coregrind/m_syswrap/priv_syswrap-generic.h 2005-09-2=
3 13:50:29 UTC (rev 4735)
@@ -40,6 +40,11 @@
Bool ML_(valid_client_addr)(Addr start, SizeT size, ThreadId tid,
const Char *syscallname);
=20
+/* Handy small function to help stop wrappers from segfaulting when
+ presented with bogus client addresses. Is not used for generating
+ user-visible errors. */
+extern Bool ML_(safe_to_deref) ( void* start, SizeT size );
+
// Returns True if the signal is OK for the client to use.
extern Bool ML_(client_signal_OK)(Int sigNo);
=20
Modified: branches/ASPACEM/coregrind/m_syswrap/syswrap-generic.c
===================================================================
--- branches/ASPACEM/coregrind/m_syswrap/syswrap-generic.c 2005-09-23 13:=
47:34 UTC (rev 4734)
+++ branches/ASPACEM/coregrind/m_syswrap/syswrap-generic.c 2005-09-23 13:=
50:29 UTC (rev 4735)
@@ -99,6 +99,17 @@
return ret;
}
=20
+
+/* Handy small function to help stop wrappers from segfaulting when
+ presented with bogus client addresses. Is not used for generating
+ user-visible errors. */
+
+Bool ML_(safe_to_deref) ( void* start, SizeT size )
+{
+ return VG_(am_is_valid_for_client)( (Addr)start, size, VKI_PROT_NONE =
);
+}
+
+
/* ---------------------------------------------------------------------
Doing mmap, mremap
------------------------------------------------------------------ */
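Review bot: ML_(safe_to_deref) asks VG_(am_is_valid_for_client) for the range with VKI_PROT_NONE, so if that call treats its third argument as the minimum protection the range must carry, a client range that is mapped but not readable would be reported as safe even though the wrapper's subsequent read of it would still fault. The one caller this commit adds uses the result to guard a read of sa->sa_flags, so VKI_PROT_READ looks like the intended requirement: `return VG_(am_is_valid_for_client)( (Addr)start, size, VKI_PROT_READ );`. Whichever protection is meant, the header comment should state the contract, e.g. `/* True iff [start, start+size) lies entirely within client mappings the wrapper may read. */`, so later callers do not mistake it for a guard on writes.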
@@ -5613,7 +5624,8 @@
PRE_MEM_READ( "rt_sigaction(act->sa_handler)", (Addr)&sa->ksa_hand=
ler, sizeof(sa->ksa_handler));
PRE_MEM_READ( "rt_sigaction(act->sa_mask)", (Addr)&sa->sa_mask, si=
zeof(sa->sa_mask));
PRE_MEM_READ( "rt_sigaction(act->sa_flags)", (Addr)&sa->sa_flags, =
sizeof(sa->sa_flags));
- if (sa->sa_flags & VKI_SA_RESTORER)
+ if (ML_(safe_to_deref)(sa,sizeof(sa))=20
+ && (sa->sa_flags & VKI_SA_RESTORER))
PRE_MEM_READ( "rt_sigaction(act->sa_restorer)", (Addr)&sa->sa_r=
estorer, sizeof(sa->sa_restorer));
}
if (ARG3 !=3D 0)
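Review bot: `sizeof(sa)` on the new `if` line is the size of the pointer, not of the `struct` it points to, so the guard only proves the first few bytes of `*sa` are mapped and `sa->sa_flags` can still sit in an unmapped page; it should read `if (ML_(safe_to_deref)(sa, sizeof(*sa))`. The identical line in the syswrap-x86-linux.c hunk below has the same problem. The three PRE_MEM_READ calls above it only take the address of each field and do not dereference `sa`, so they are correctly left outside the guard, but a comment such as `/* sa may point anywhere; check before reading sa->sa_flags */` would make that split deliberate. The enclosing PRE wrapper starts and ends outside this hunk.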
Modified: branches/ASPACEM/coregrind/m_syswrap/syswrap-x86-linux.c
===================================================================
--- branches/ASPACEM/coregrind/m_syswrap/syswrap-x86-linux.c 2005-09-23 1=
3:47:34 UTC (rev 4734)
+++ branches/ASPACEM/coregrind/m_syswrap/syswrap-x86-linux.c 2005-09-23 1=
3:50:29 UTC (rev 4735)
@@ -1882,7 +1882,8 @@
PRE_MEM_READ( "rt_sigaction(act->sa_handler)", (Addr)&sa->ksa_hand=
ler, sizeof(sa->ksa_handler));
PRE_MEM_READ( "rt_sigaction(act->sa_mask)", (Addr)&sa->sa_mask, si=
zeof(sa->sa_mask));
PRE_MEM_READ( "rt_sigaction(act->sa_flags)", (Addr)&sa->sa_flags, =
sizeof(sa->sa_flags));
- if (sa->sa_flags & VKI_SA_RESTORER)
+ if (ML_(safe_to_deref)(sa,sizeof(sa))=20
+ && (sa->sa_flags & VKI_SA_RESTORER))
PRE_MEM_READ( "rt_sigaction(act->sa_restorer)", (Addr)&sa->sa_r=
estorer, sizeof(sa->sa_restorer));
}
=20