Blame SOURCES/0031-avoid-zero-length-VLA-in-evdev_c.patch

Index: strace-4.24/evdev.c
===================================================================
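--- a/evdev.c
+++ b/evdev.c
@@ -143,6 +143,14 @@
 	return RVAL_IOCTL_DECODED;
 }
 
+# ifndef ROUNDUP_DIV
+#  define ROUNDUP_DIV(val_, div_) (((val_) + (div_) - 1) / (div_))
+# endif
+
+# ifndef ROUNDUP
+#  define ROUNDUP(val_, div_) (ROUNDUP_DIV((val_), (div_)) * (div_))
+# endif
+
 static int
 decode_bitset_(struct tcb *const tcp, const kernel_ulong_t arg,
 	       const struct xlat decode_nr[], const unsigned int max_nr,
@@ -151,25 +159,36 @@
 	tprints(", ");
 
 	unsigned int size;
-	if ((kernel_ulong_t) tcp->u_rval > max_nr / 8)
-		size = max_nr;
+	unsigned int size_bits;
+
+	if ((kernel_ulong_t) tcp->u_rval > max_nr / CHAR_BIT)
+		size_bits = max_nr;
 	else
-		size = tcp->u_rval * 8;
+		size_bits = tcp->u_rval * CHAR_BIT;
+
+	size = ROUNDUP(ROUNDUP_DIV(size_bits, CHAR_BIT), current_wordsize);
+
+	if (syserror(tcp) || !size) {
+		printaddr(arg);
+
+		return RVAL_IOCTL_DECODED;
+	}
+
 	char decoded_arg[size];
 
-	if (umove_or_printaddr(tcp, arg, &decoded_arg))
+	if (umoven_or_printaddr(tcp, arg, size, decoded_arg))
 		return RVAL_IOCTL_DECODED;
 
 	tprints("[");
 
 	int bit_displayed = 0;
-	int i = next_set_bit(decoded_arg, 0, size);
+	int i = next_set_bit(decoded_arg, 0, size_bits);
 	if (i < 0) {
 		tprints(" 0 ");
 	} else {
 		printxval_dispatch(decode_nr, decode_nr_size, i, dflt, xt);
 
-		while ((i = next_set_bit(decoded_arg, i + 1, size)) > 0) {
+		while ((i = next_set_bit(decoded_arg, i + 1, size_bits)) > 0) {
 			if (abbrev(tcp) && bit_displayed >= 3) {
 				tprints(", ...");
 				break;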
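Review bot: The copy in `umoven_or_printaddr(tcp, arg, size, decoded_arg)` uses the word-rounded `size`, so it can read up to `current_wordsize - 1` bytes of tracee memory beyond the byte count the ioctl reported in `tcp->u_rval`. If the tracee's buffer ends at a page boundary, that longer read can fail and the bitset is then printed as a bare address instead of being decoded. Keeping the rounded length for the array only and copying just the reported bytes would avoid this: `memset(decoded_arg, 0, size);` followed by `umoven_or_printaddr(tcp, arg, ROUNDUP_DIV(size_bits, CHAR_BIT), decoded_arg)`. The rounding is presumably there because `next_set_bit` reads whole words; that helper is not visible here, so a short comment above `size = ROUNDUP(...)` stating the reason (and the assumed alignment of the `char` VLA) would help. The body of `decode_bitset_` starts before and continues past this hunk.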