Re: [LTP] patch for mount02.c and mount03.c bugs(maybe)

Sun, 12 Apr 2009 16:17:52 -0700 

From: "Guo Hongruan" <[email protected]>
Subject: Re: [LTP] patch for mount02.c and mount03.c bugs(maybe)
Date: Sun, 12 Apr 2009 11:00:48 +0800

> Hi, Qian
>    The LTP I used is LTP-20090131. Maybe mount03.c has changed since
>    then. For mount03.c, it does not work on my site.
> 
> Let's support we execute mount03 using the following command:
> 
> mount03 -D /dev/hda2 -T ext2
> 
> look at the following code in mount03.c
> 
> before applying the patch
> 172         if (Tflag) {
>                       /*the space using to store Fstype is strlen("ext2")==4, 
> the return value
>                       of strlen does not include
>                       the terminating `\0' character */
> 173                 Fstype = (char *) malloc(strlen(fstype));
> 174                 if (Fstype == NULL) {
> 175 tst_brkm(TBROK, NULL, "malloc failed to alloc %d errno "
> 176                                  " %d ", strlen(fstype), errno);
> 177                 }
>                       /*the Fstype context is "ext2", Note that, it is 
> without the '\0'
>                       terminating character,
>                       so when printf("%s", Fstype), the content is 
> undetermined*/
> 178                 strncpy(Fstype, fstype, strlen(fstype));
> 179         } else {
> 180                 Fstype = (char *) malloc(strlen(DEFAULT_FSTYPE));
> 181                 if (Fstype == NULL) {
> 182 tst_brkm(TBROK, NULL, "malloc failed to alloc %d errno "
> 183                                  " %d ", strlen(fstype), errno);
> 184                 }

Yes, you are right. Can you also update the above error messages -- line
175 and 182 (strlen(fstype) is totally wrong here) to have the correct
number of bytes?

Thanks,
CAI Qian

> 185 strncpy(Fstype, DEFAULT_FSTYPE, strlen(DEFAULT_FSTYPE));
> 186         }
> 
> after applying the patch.
> 172         if (Tflag) {
>                       /*We must allocate enough space to store the whole 
> string including '\0'
>                       terminating character*/
> 173                 Fstype = (char *) malloc(strlen(fstype)+1);
> 174                 if (Fstype == NULL) {
> 175 tst_brkm(TBROK, NULL, "malloc failed to alloc %d errno "
> 176                                  " %d ", strlen(fstype), errno);
> 177                 }
>                       /*memset ensures the terminating character exist for 
> any cases.*/
> 178                 memset(Fstype, 0, strlen(fstype)+1);
> 179                 strncpy(Fstype, fstype, strlen(fstype));
> 180         } else {
> 181                 Fstype = (char *) malloc(strlen(DEFAULT_FSTYPE)+1);
> 182                 if (Fstype == NULL) {
> 183 tst_brkm(TBROK, NULL, "malloc failed to alloc %d errno "
> 184                                  " %d ", strlen(fstype), errno);
> 185                 }
> 186                 memset(Fstype, 0, strlen(DEFAULT_FSTYPE)+1);
> 187 strncpy(Fstype, DEFAULT_FSTYPE, strlen(DEFAULT_FSTYPE));
> 188         }
> 
> 
> On Sat, 11 Apr 2009 15:55:36 +0800, CAI Qian <[email protected]> wrote:
> 
>>
>> Hi,
>>
>> --- On Thu, 4/9/09, Guo Hongruan <[email protected]> wrote:
>>
>>> From: Guo Hongruan <[email protected]>
>>> Subject: [LTP] patch for mount02.c and mount03.c bugs(maybe)
>>> To: [email protected]
>>> Date: Thursday, April 9, 2009, 11:41 AM
>>> Hi, Guys,
>>>     I think I found a bug of mount02.c and
>>> mount03.c which can not validate 
>>> mount system call correctly. I did the following change, on
>>> my sites, it 
>>> works OK. Here is the patch, hope it is useful.
>>>
>>>     Running these testcases manually can
>>> reproduce this bug:
>>> mount02 -D /dev/hda2 -T ext2
>>> mount03 -D /dev/hda2 -T ext2
>>>
>>
>> I can reproduce the problem with mount02, and confirm the patch works.
>> However, mount03 does not fail for me without the patch.
>>
>> # # ./mount03 -D /dev/sdb1 -T ext2
>> mount03 1 PASS : mount(2) Passed for rwflag MS_RDONLY - mount read-only
>> mount03 2 PASS : mount(2) Passed for rwflag MS_NODEV - disallow access
>> to device special files
>> mount03 3 PASS : mount(2) Passed for rwflag MS_NOEXEC - disallow program
>> execution
>> mount03 4 PASS : mount(2) Passed for rwflag MS_SYNCHRONOUS - writes are
>> synced at once
>> mount03 5 PASS : mount(2) Passed for rwflag MS_REMOUNT - alter flags of
>> a mounted FS
>> mount03 6 PASS : mount(2) Passed for rwflag MS_NOSUID - ignore suid and
>> sgid bits
>>
>> Can you describe a little bit about the problem you were facing with
>> mount03?
>>
>> CAI Qian
>>
>>> Index: testcases/kernel/syscalls/mount/mount02.c
>>> ===================================================================
>>> ---
>>> testcases/kernel/syscalls/mount/mount02.c   (revision
>>> 297)
>>> +++
>>> testcases/kernel/syscalls/mount/mount02.c   (working
>>> copy)
>>> @@ -414,8 +414,8 @@
>>>              
>>>    if (Tflag) {
>>>                
>>>          /* Avoid buffer
>>> overflow */
>>>                
>>>          strncpy(Type,
>>> fstype,
>>> -               
>>>            
>>>    (FSTYPE_LEN < strlen(fstype)) ?
>>> FSTYPE_LEN 
>>> :
>>> -               
>>>                
>>> strlen(fstype));
>>> +               
>>>            
>>>    (FSTYPE_LEN < strlen(fstype)+1) ? 
>>>
>>> FSTYPE_LEN :
>>> +               
>>>                
>>> strlen(fstype)+1);
>>>              
>>>    } else {
>>>                
>>>          strcpy(Type,
>>> "ext2");
>>>              
>>>    }
>>>
>>>
>>> Index: mount03.c
>>> ===================================================================
>>> --- mount03.c    (revision 297)
>>> +++ mount03.c    (working copy)
>>> @@ -170,18 +170,20 @@
>>>       }
>>>
>>>       if (Tflag) {
>>> -        Fstype = (char *)
>>> malloc(strlen(fstype));
>>> +        Fstype = (char *)
>>> malloc(strlen(fstype)+1);
>>>           if (Fstype ==
>>> NULL) {
>>>          
>>>     tst_brkm(TBROK, NULL, "malloc failed to
>>> alloc %d errno "
>>>          
>>>          " %d ",
>>> strlen(fstype), errno);
>>>           }
>>> +        memset(Fstype, 0,
>>> strlen(fstype)+1);
>>>          
>>> strncpy(Fstype, fstype, strlen(fstype));
>>>       } else {
>>> -        Fstype = (char *)
>>> malloc(strlen(DEFAULT_FSTYPE));
>>> +        Fstype = (char *)
>>> malloc(strlen(DEFAULT_FSTYPE)+1);
>>>           if (Fstype ==
>>> NULL) {
>>>          
>>>     tst_brkm(TBROK, NULL, "malloc failed to
>>> alloc %d errno "
>>>          
>>>          " %d ",
>>> strlen(fstype), errno);
>>>           }
>>> +        memset(Fstype, 0,
>>> strlen(DEFAULT_FSTYPE)+1);
>>>          
>>> strncpy(Fstype, DEFAULT_FSTYPE, strlen(DEFAULT_FSTYPE));
>>>       }
>>>
>>> @@ -408,6 +410,7 @@
>>>          
>>>        
>>>      strerror(TEST_ERRNO));
>>>          
>>>         }
>>>          
>>>         execve(file, NULL,
>>> NULL);
>>> +           
>>>     exit(-127);
>>>          
>>>         /* NOT REACHEAD */
>>>          
>>>     } else {
>>>          
>>>         waitpid(pid,
>>> &status, 0);
>>>
>>> --
>>> Guo Hongruan, Embedded Linux Consultant
>>> Mobile: +86-0-13484056007
>>> Skype: camelguo
>>> http://www.gulessoft.com
>>>
>>>
> ------------------------------------------------------------------------------
>>> This SF.net email is sponsored by:
>>> High Quality Requirements in a Collaborative Environment.
>>> Download a free trial of Rational Requirements Composer
>>> Now!
>>> http://p.sf.net/sfu/www-ibm-com
>>> _______________________________________________
>>> Ltp-list mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/ltp-list
>>>
> 
> 
> 
> -- 
> Guo Hongruan, Embedded Linux Consultant
> Mobile: +86-0-13484056007
> Skype: camelguo
> http://www.gulessoft.com

------------------------------------------------------------------------------
This SF.net email is sponsored by:
High Quality Requirements in a Collaborative Environment.
Download a free trial of Rational Requirements Composer Now!
http://p.sf.net/sfu/www-ibm-com
_______________________________________________
Ltp-list mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ltp-list

Reply via email to