github/acrn-hypervisor
1
0
Fork 0
mirror of https://github.com/projectacrn/acrn-hypervisor.git synced 2025-09-07 11:50:30 +00:00
Code Issues Projects Releases Wiki Activity

tools: acrn-crashlog: fix potential issues under common and usercrash

Browse Source 
This patch is to fix buffer overflow, return value not unified and
variable type not matched issues. And add some judge logic to improve
code quality.

Changes:
1. Handle the fd properly in the failing case.
2. Fix buffer overflow issues and null pointer access issues.
3. Fix the format issue in log_sys.c.
4. Remove the useless branch and adjust the function logic.
5. Add some checks for the string length before using strcpy/strcat/memcpy.
6. Fix strncpy null-terminated issues.
7. Change the return value to unify the return type.

Signed-off-by: CHEN Gang <gang.c.chen@intel.com>
Signed-off-by: xiaojin2 <xiaojing.liu@intel.com>
Reviewed-by: Zhi Jin <zhi.jin@intel.com>
Reviewed-by: Liu Xinwu <xinwu.liu@intel.com>
Acked-by: Zhang Di <di.zhang@intel.com>
This commit is contained in:
xiaojin2
2018-06-08 12:47:59 +08:00
committed by lijinxia
parent 48067b1cab
commit cb39badf82
10 changed files with 111 additions and 80 deletions
Download Patch File Download Diff File Expand all files Collapse all files

19
tools/acrn-crashlog/usercrash/server.c
View File

@@ -185,8 +185,8 @@ static int get_usercrash(struct crash_node *crash)
}
next_usercrash = (next_usercrash + 1) % usercrash_count;
crash->out_fd = result;
strncpy(crash->crash_path, file_name, FILE_PATH_LEN_MAX - 1);
strncpy(crash->crash_path, file_name, FILE_PATH_LEN_MAX);
crash->crash_path[FILE_PATH_LEN_MAX - 1] = '\0';
return 0;
}
@@ -295,8 +295,8 @@ static void crash_request_cb(evutil_socket_t sockfd, short ev, void *arg)
goto fail;
}
crash->pid = request.pid;
strncpy(crash->name, request.name, COMM_NAME_LEN - 1);
strncpy(crash->name, request.name, COMM_NAME_LEN);
crash->name[COMM_NAME_LEN - 1] = '\0';
LOGI("received crash request from pid %d, name: %s\n",
crash->pid, crash->name);
@@ -452,7 +452,7 @@ int main(int argc, char *argv[])
RESERVED_SOCKET_PREFIX, SOCKET_NAME);
if (chmod(socket_path, 0622) == -1) {
LOGE("failed to change usercrashd_crash priority\n");
exit(EXIT_FAILURE);
goto fail;
}
evutil_make_socket_nonblocking(crash_socket);
@@ -460,7 +460,7 @@ int main(int argc, char *argv[])
base = event_base_new();
if (!base) {
LOGE("failed to create event_base\n");
exit(EXIT_FAILURE);
goto fail;
}
TAILQ_INIT(&queue_t);
@@ -468,7 +468,7 @@ int main(int argc, char *argv[])
LEV_OPT_CLOSE_ON_FREE, -1, crash_socket);
if (!listener) {
LOGE("failed to create evconnlistener: %s\n", strerror(errno));
exit(EXIT_FAILURE);
goto fail;
}
LOGI("usercrash_s successfully initialized\n");
@@ -477,5 +477,10 @@ int main(int argc, char *argv[])
evconnlistener_free(listener);
event_base_free(base);
close(crash_socket);
return 0;
fail:
close(crash_socket);
exit(EXIT_FAILURE);
}