Bug#883115: perf: annotate doesn't work when symfs_filename contains shell-special characters

Wed, 29 Nov 2017 12:51:43 -0800 

Package: linux-perf-4.9
Version: 4.9.51-1
Severity: normal

Dear Maintainer,

I was trying to profile a binary linked to a non-system numeric calculation
library. The library in question is in its rpath which contains spaces.

When I chose "annotate this function" in `perf report` UI, I got "rep: <part
of the path to the library>: no such file or directory".

The bug seems to be around line 1349 of tools/perf/util/annotate.c:
https://sources.debian.net/src/linux/4.9.30-2%2Bdeb9u2/tools/perf/util/annotate.c/#L1349
- a command line is being built there with no regard to possible shell-special 
characters
in the variables.

A proper way to pass arbitrary strings to child process could be to pass them 
in separate
arguments using execl(...) and refer to them inside the command line only as 
"$1", "$2"
and so on - with proper quoting. Example:

        snprintf(command, sizeof(command),
                 "\"$1\" %s%s --start-address=0x%016" PRIx64
                 " --stop-address=0x%016" PRIx64
                 " -l -d %s %s -C \"$2\" 2>/dev/null|grep -v \"$2\"|expand",    
         
                 disassembler_style ? "-M " : "",
                 disassembler_style ? disassembler_style : "",
                 map__rip_2objdump(map, sym->start),
                 map__rip_2objdump(map, sym->end),
                 symbol_conf.annotate_asm_raw ? "" : "--no-show-raw",
                 symbol_conf.annotate_src ? "-S" : "");

// and later

                execl("/bin/sh", "sh", "-c", command, "--", objdump_path ? 
objdump_path : "objdump", symfs_filename, NULL);

Whatever special symbols are there in objdump_path or symfs_filename, they 
won't escape from
the command line parameters because they are properly quoted in the command 
line.

-- System Information:
Debian Release: 9.1
  APT prefers stable-debug
  APT policy: (500, 'stable-debug'), (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386, armhf

Kernel: Linux 4.9.0-3-amd64 (SMP w/6 CPU cores)
Locale: LANG=ru_RU.utf8, LC_CTYPE=ru_RU.utf8 (charmap=UTF-8), 
LANGUAGE=ru_RU.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: sysvinit (via /sbin/init)

Versions of packages linux-perf-4.9 depends on:
ii  libaudit1           1:2.6.7-2
ii  libbabeltrace-ctf1  1.5.1-1
ii  libc6               2.24-11+deb9u1
ii  libdw1              0.168-1
ii  libelf1             0.168-1
ii  libnuma1            2.0.11-2.1
ii  libperl5.24         5.24.1-3+deb9u2
ii  libpython2.7        2.7.13-2
ii  libslang2           2.3.1-5
ii  libunwind8          1.1-4.1
ii  zlib1g              1:1.2.8.dfsg-5

Versions of packages linux-perf-4.9 recommends:
ii  linux-base  4.5

Versions of packages linux-perf-4.9 suggests:
pn  linux-doc-4.9  <none>

-- no debconf information

Reply via email to