Re: [Announce] Strace Test
From: Nikita Danilov
Date: Thu Feb 19 2004 - 05:52:28 EST
Andrew Morton writes:
> Nikita Danilov <Nikita@xxxxxxxxxxx> wrote:
> >
> > > Strace Test uses a modified version of strace 4.5.1.
> > > Instead of printing out information about system calls,
> > > the modified version calls the syscalls with improper
> > > values.
> >
> > It immediately DoSes kernel by calling sys_sysctl() with huge nlen:
> > printk() consumes all CPU.
>
> Something like this?
On slow console (serial kgdb) this still would be problematic. I think
printk_ratelimit() is needed. But why this loop is needed at all? It
seems strange that syscall prints its arguments instead of just
returning -EINVAL.
>
> --- 25/kernel/sysctl.c~sysctl-nlen-check 2004-02-19 02:36:20.000000000 -0800
> +++ 25-akpm/kernel/sysctl.c 2004-02-19 02:37:40.000000000 -0800
> @@ -913,6 +913,9 @@ asmlinkage long sys_sysctl(struct __sysc
>
> if (copy_from_user(&tmp, args, sizeof(tmp)))
> return -EFAULT;
> +
> + if (tmp.nlen < 0 || tmp.nlen > CTL_MAXNAME)
> + return -EINVAL;
>
> if (tmp.nlen != 2 || copy_from_user(name, tmp.name, sizeof(name)) ||
> name[0] != CTL_KERN || name[1] != KERN_VERSION) {
Nikita.
>
> _
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/