Branch: refs/heads/master
Home: https://github.com/timbunce/devel-nytprof
Commit: 7595dd80cfb07b5d0b28ac0d084eaf9a14a50b67
https://github.com/timbunce/devel-nytprof/commit/7595dd80cfb07b5d0b28ac0d084eaf9a14a50b67
Author: Luciano Rocha <[email protected]>
Date: 2018-02-26 (Mon, 26 Feb 2018)
Changed paths:
M NYTProf.xs
Log Message:
-----------
NYTProf.xs: prevent memory corruption in incr_sub_inclusive_time
In incr_sub_inclusive_time, the write to subr_call_key could in some
circumstances write beyond the size of the buffer:
*** buffer overflow detected ***: /usr/sbin/uwsgi terminated
======= Backtrace: =========
/lib64/libc.so.6(__fortify_fail+0x37)[0x7fb2c7589d87]
/lib64/libc.so.6(+0x10df40)[0x7fb2c7587f40]
/lib64/libc.so.6(+0x10d449)[0x7fb2c7587449]
/lib64/libc.so.6(_IO_default_xsputn+0xbc)[0x7fb2c74f264c]
/lib64/libc.so.6(_IO_vfprintf+0x151d)[0x7fb2c74c269d]
/lib64/libc.so.6(__vsprintf_chk+0x88)[0x7fb2c75874d8]
/lib64/libc.so.6(__sprintf_chk+0x7d)[0x7fb2c758742d]
/usr/local/git_tree/main/lib/site/lib/auto/Devel/NYTProf/NYTProf.so(+0xe483)[0x7fb2ad9f0483]
/usr/local/booking-perl/5.24.3/lib/CORE/libperl.so(Perl_leave_scope+0x116)[0x7fb2c54fc3b6]
With gdb attached I could find the function:
#10 0x00007faa38ff1363 in incr_sub_inclusive_time () from
/usr/lib/pakket/5.24.3/libraries/active/lib/perl5/x86_64-linux/auto/Devel/NYTProf/NYTProf.so
Notably, the crash didn't happen with optimizations disabled, with the -g to
Makefile.PL.
There's already a check for not exceeding the size of the buffer, but that
comes after the memory corruption happens.
Changing from sprintf to snprinf fixes the memory corruption, and will return
the number of bytes that *would* have been written if enough space was
available, so the check for size still happens.
Commit: b8621ab1122a98f2bb6b200d723fbae27f8e7867
https://github.com/timbunce/devel-nytprof/commit/b8621ab1122a98f2bb6b200d723fbae27f8e7867
Author: Tim Bunce <[email protected]>
Date: 2018-03-23 (Fri, 23 Mar 2018)
Changed paths:
M NYTProf.xs
Log Message:
-----------
Merge pull request #115 from lucrocha/master
NYTProf.xs: prevent memory corruption in incr_sub_inclusive_time
Compare:
https://github.com/timbunce/devel-nytprof/compare/dab328661a10...b8621ab1122a
--
--
You've received this message because you are subscribed to
the Devel::NYTProf Development User group.
Group hosted at: http://groups.google.com/group/develnytprof-dev
Project hosted at: http://perl-devel-nytprof.googlecode.com
CPAN distribution: http://search.cpan.org/dist/Devel-NYTProf
To post, email: [email protected]
To unsubscribe, email: [email protected]
---
You received this message because you are subscribed to the Google Groups
"Devel::NYTProf Dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
