From 463d666cc53a2f9d2df0f68310d6575ccae42bfe Mon Sep 17 00:00:00 2001
From: Josh Stone
Date: Thu, 4 Feb 2010 17:44:59 -0800
Subject: Revert "PR11234: Ensure __get_argv doesn't overflow"

This reverts commit f75409719f120a3dbee66d761cf23a64092d1414.
---
testsuite/systemtap.base/overflow-get_argv.stp | 62 --------------------------
1 file changed, 62 deletions(-)
delete mode 100644 testsuite/systemtap.base/overflow-get_argv.stp
(limited to 'testsuite/systemtap.base/overflow-get_argv.stp')
diff --git a/testsuite/systemtap.base/overflow-get_argv.stp b/testsuite/systemtap.base/overflow-get_argv.stp
deleted file mode 100644
index 159ef4a8..00000000
--- a/testsuite/systemtap.base/overflow-get_argv.stp
+++ /dev/null
@@ -1,62 +0,0 @@
-// PR11234: __get_argv can overflow its return buffer
-
-// __get_argv has a signature like this:
-// struct function___get_argv_locals {
-// int64_t a;
-// int64_t first;
-// string_t __retvalue;
-// } function___get_argv;
-//
-// These functions are meant to have an overlap such that we can tell if
-// __get_argv overran its __retvalue.
-//
-// int64_t x;
-// int64_t y;
-// string_t z;
-// string_t __retvalue;
-//
-// NB: __retvalue[0] always gets cleared on call, but the rest should be
-// untouched, so we can use it as a sentinal.
-
-function clear:string(x:long, y:long, z:string) %{
- memset(THIS->__retvalue, 0, MAXSTRINGLEN);
-%}
-
-function check:string(x:long, y:long, z:string) %{
- int i, bad = 0;
- for (i=1; i__retvalue[i])
- ++bad;
-
- if (bad)
- snprintf(THIS->__retvalue, MAXSTRINGLEN, "%d non-zero bytes", bad);
- else
- strlcpy(THIS->__retvalue, "ok", MAXSTRINGLEN);
-%}
-
-global result = "untested"
-
-probe syscall.execve {
- if (pid() != target())
- next
-
- clear(0, 0, "")
- foo = __get_argv($argv, 0)
- result = check(0, 0, "")
-
- // ensure that foo isn't optimized away
- if (foo == "foo")
- next
-}
-
-probe begin {
- println("systemtap starting probe")
-}
-
-probe end {
- println("systemtap ending probe")
- if (result == "ok")
- println("systemtap test success")
- else
- println("systemtap test failure: ", result)
-}
-- cgit