[LTP] [PATCH 4/4] syscalls/statfs: Avoid dereferencing invalid buf in libc

Cyril Hrubis chrubis@suse.cz
Wed Aug 17 16:40:32 CEST 2022 

Hi!
> The [f]statfs02 testsuites check that [f]statfs returns EFUALT when the
> provided buf parameter is invalid. There are cases in which the supported
> libcs don't exhibit this behaviour.
> 
> glibc versions newer than 2.34 and on systems that support [f]statfs64,
> call the syscall with a local struct statfs and then copy the result
> into buf. This throws a segfault for an invalid buf. musl dereferences buf
> before the syscall is called and, similarly, throws a segfault.
> 
> To avoid dereferencing an invalid buf in libc, bypass the [f]statfs wrapper
> and call the syscall directly. Consistently with the libc wrappers,
> choose [f]statfs64 instead of [f]statfs if the target supports it.

Another solution that we used in the past would be installing a signal
handler for segfault and treat that signal as a PASS for the EFAULT
test.

> Signed-off-by: Tudor Cretu <tudor.cretu@arm.com>
> ---
>  testcases/kernel/syscalls/fstatfs/fstatfs02.c | 7 ++++++-
>  testcases/kernel/syscalls/statfs/statfs02.c   | 7 ++++++-
>  2 files changed, 12 insertions(+), 2 deletions(-)
> 
> diff --git a/testcases/kernel/syscalls/fstatfs/fstatfs02.c b/testcases/kernel/syscalls/fstatfs/fstatfs02.c
> index db2230f82..c1af07070 100644
> --- a/testcases/kernel/syscalls/fstatfs/fstatfs02.c
> +++ b/testcases/kernel/syscalls/fstatfs/fstatfs02.c
> @@ -25,6 +25,7 @@
>  #include <sys/types.h>
>  #include <sys/statfs.h>
>  #include <errno.h>
> +#include "lapi/syscalls.h"
>  #include "test.h"
>  #include "safe_macros.h"
>  
> @@ -68,7 +69,11 @@ int main(int ac, char **av)
>  
>  		for (i = 0; i < TST_TOTAL; i++) {
>  
> -			TEST(fstatfs(TC[i].fd, TC[i].sbuf));
> +#if __NR_fstatfs64 != __LTP__NR_INVALID_SYSCALL
> +			TEST(tst_syscall(__NR_fstatfs64, TC[i].fd, TC[i].sbuf));
> +#else
> +			TEST(tst_syscall(__NR_fstatfs, TC[i].fd, TC[i].sbuf));
> +#endif

Even if we wanted to go with this version this should be put into an
header in lapi/ and not added into each test that calls statfs().

>  			if (TEST_RETURN != -1) {
>  				tst_resm(TFAIL, "call succeeded unexpectedly");
> diff --git a/testcases/kernel/syscalls/statfs/statfs02.c b/testcases/kernel/syscalls/statfs/statfs02.c
> index 279665f86..e1afbda39 100644
> --- a/testcases/kernel/syscalls/statfs/statfs02.c
> +++ b/testcases/kernel/syscalls/statfs/statfs02.c
> @@ -39,6 +39,7 @@
>  #include <sys/vfs.h>
>  #include <sys/mman.h>
>  #include <errno.h>
> +#include "lapi/syscalls.h"
>  #include "test.h"
>  #include "safe_macros.h"
>  
> @@ -116,7 +117,11 @@ static void setup(void)
>  
>  static void statfs_verify(const struct test_case_t *test)
>  {
> -	TEST(statfs(test->path, test->buf));
> +#if __NR_statfs64 != __LTP__NR_INVALID_SYSCALL
> +	TEST(tst_syscall(__NR_statfs64, test->path, test->buf));
> +#else
> +	TEST(tst_syscall(__NR_statfs, test->path, test->buf));
> +#endif
>  
>  	if (TEST_RETURN != -1) {
>  		tst_resm(TFAIL, "call succeeded unexpectedly");
> -- 
> 2.25.1
> 
> 
> -- 
> Mailing list info: https://lists.linux.it/listinfo/ltp

-- 
Cyril Hrubis
chrubis@suse.cz

More information about the ltp mailing list