Bug #14236
Status: Closed
signed math leads getelfshdr astray
% Done: 100%
Description
This is an upstream of https://smartos.org/bugview/OS-6158 from illumos-joyent.
As several crashdumps have demonstrated, there are several parts of the in-kernel ELF handling which could benefit from having their unnecessary and incorrect use of signed types be cleaned up.
As part of the integration into illumos-joyent, the code was tested using https://github.com/IOActive/Melkor_ELF_Fuzzer
The same approach should be taken with the merge into gate.
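An added illustration of the bug class the title names (signed arithmetic on ELF header fields), written for this page rather than taken from illumos: the header struct, the 1 MiB table cap, the 4096-byte file size and the crafted header values are all this example's own assumptions, and the buggy routine is a generic pattern, not the illumos getelfshdr() code before the fix. It shows two ways a signed intermediate lets a crafted section-header table past a size check (a wrapped product that goes negative, and a huge e_shoff that becomes a negative offset), beside the unsigned, overflow-safe version of the same check.

```c
/*
 * Added illustration (not illumos code): signed intermediates on ELF header
 * fields versus unsigned, overflow-checked ones. The struct layout below
 * matches the ELF64 header; the cap and the crafted inputs are assumptions.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Minimal ELF64 header, field order and widths as in the ELF spec. */
typedef struct {
	unsigned char e_ident[16];
	uint16_t e_type, e_machine;
	uint32_t e_version;
	uint64_t e_entry, e_phoff, e_shoff;
	uint32_t e_flags;
	uint16_t e_ehsize, e_phentsize, e_phnum, e_shentsize, e_shnum, e_shstrndx;
} ehdr_t;

#define	SHDR64_SIZE	64		/* sizeof (Elf64_Shdr) */
#define	MAX_SHDR_BYTES	(1 << 20)	/* assumed cap on the table size */

/*
 * Buggy variant: int intermediates. Returns the byte count the caller would
 * then allocate and read, or -1 if the header is rejected.
 */
int64_t
shdr_bytes_signed(const ehdr_t *eh, int64_t filesize)
{
	int shnum = eh->e_shnum, shentsize = eh->e_shentsize;
	/* 0xffff * 0xffff does not fit in 32 bits; narrowing the product to
	 * int wraps it negative on every mainstream compiler. */
	int nbytes = (int)((int64_t)shnum * shentsize);
	int64_t off = (int64_t)eh->e_shoff;	/* a huge e_shoff turns negative */

	if (nbytes > MAX_SHDR_BYTES || off + nbytes > filesize)
		return (-1);
	/* A negative nbytes passes both tests; (size_t)nbytes is then a
	 * multi-exabyte allocation request. */
	return (nbytes);
}

/*
 * Cleaned-up variant: unsigned types sized to the fields, an explicit
 * entry-size check, and a bounds check written so it cannot overflow.
 */
int64_t
shdr_bytes_unsigned(const ehdr_t *eh, uint64_t filesize)
{
	uint64_t shnum = eh->e_shnum, shentsize = eh->e_shentsize;
	uint64_t shoff = eh->e_shoff;

	if (shnum == 0)
		return (0);	/* no table (extended numbering in section 0 not handled here) */
	if (shentsize != SHDR64_SIZE)
		return (-1);	/* entry size must match the ELF class */
	uint64_t nbytes = shnum * shentsize;	/* two 16-bit values: fits in 64 bits */
	if (nbytes > MAX_SHDR_BYTES)
		return (-1);
	/* Subtract rather than add, so a huge shoff cannot wrap the comparison. */
	if (shoff > filesize || nbytes > filesize - shoff)
		return (-1);
	return ((int64_t)nbytes);
}

/* Build a header with the given section-table fields; ELF magic set for realism. */
ehdr_t
make_ehdr(uint16_t shnum, uint16_t shentsize, uint64_t shoff)
{
	ehdr_t eh;
	memset(&eh, 0, sizeof (eh));
	memcpy(eh.e_ident, "\x7f" "ELF", 4);	/* split literal: 'E' is a hex digit */
	eh.e_ident[4] = 2;			/* ELFCLASS64 */
	eh.e_ehsize = sizeof (eh);
	eh.e_shentsize = shentsize;
	eh.e_shnum = shnum;
	eh.e_shoff = shoff;
	return (eh);
}

/* Evaluate constructed case `which` (0 sane, 1 wrapped product, 2 huge
 * e_shoff) with the signed or the unsigned routine, against a 4096-byte file. */
int64_t
eval_case(int which, int use_unsigned)
{
	ehdr_t eh;
	switch (which) {
	case 0: eh = make_ehdr(5, SHDR64_SIZE, 64); break;
	case 1: eh = make_ehdr(0xffff, 0xffff, 64); break;
	default: eh = make_ehdr(1, SHDR64_SIZE, UINT64_MAX - 10); break;
	}
	return (use_unsigned ? shdr_bytes_unsigned(&eh, 4096) :
	    shdr_bytes_signed(&eh, 4096));
}

int
main(void)
{
	const char *names[] = { "sane", "wrapped product", "huge e_shoff" };
	for (int i = 0; i < 3; i++)
		printf("%-16s signed=%lld unsigned=%lld\n", names[i],
		    (long long)eval_case(i, 0), (long long)eval_case(i, 1));
	return (0);
}
```

The signed routine accepts both crafted headers: the wrapped product comes back as -131071 (which a kernel caller would hand to its allocator as a size_t, consuming memory as the page's hangs describe) and the huge e_shoff case is accepted as a 64-byte read at a bogus offset. The unsigned routine rejects both and still accepts the sane header.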
Related issues
Updated by Andy Fiddaman over 1 year ago
- Related to Bug #10505: elfexec() should keep to unsigned types when processing PT_DYNAMIC added
Updated by Andy Fiddaman over 1 year ago
- Related to Bug #14242: programs that lack PT_PHDR are not properly loaded added
Updated by Andy Fiddaman over 1 year ago
I've tested this with a suite of corrupt and crafted ELF files that previously caused the system to variously panic, hang (usually due to all kernel memory being consumed) or end up with unkillable processes. In all cases, the patched system dealt with them correctly.
I also ran 50,000 fuzzed ELF files generated by https://github.com/omniosorg/Melkor_ELF_Fuzzer (the illumos branch there) with no problems. Previously, a run would stop within the first 100 or so files.
Using systems onu'd to these DEBUG and non-DEBUG bits, I've done full illumos-gate and omnios-userland builds with no problems.
Updated by Andy Fiddaman 9 months ago
In addition to the above testing, I also re-ran the core file content tests introduced in #13925
% ./coretests
TEST PASSED: kernel dumper.32 none
TEST PASSED: gcore dumper.32 none
TEST PASSED: kernel dumper.64 none
TEST PASSED: gcore dumper.64 none
TEST PASSED: kernel dumper.32 ctf
TEST PASSED: gcore dumper.32 ctf
TEST PASSED: kernel dumper.64 ctf
TEST PASSED: gcore dumper.64 ctf
TEST PASSED: kernel dumper.32 debug
TEST PASSED: gcore dumper.32 debug
TEST PASSED: kernel dumper.64 debug
TEST PASSED: gcore dumper.64 debug
TEST PASSED: kernel dumper.32 symtab
TEST PASSED: gcore dumper.32 symtab
TEST PASSED: kernel dumper.64 symtab
TEST PASSED: gcore dumper.64 symtab
TEST PASSED: kernel dumper.32 ctf+debug+symtab
TEST PASSED: gcore dumper.32 ctf+debug+symtab
TEST PASSED: kernel dumper.64 ctf+debug+symtab
TEST PASSED: gcore dumper.64 ctf+debug+symtab
TEST PASSED: kernel dumper.32 anon+data+ctf+debug+symtab
TEST PASSED: gcore dumper.32 anon+data+ctf+debug+symtab
TEST PASSED: kernel dumper.64 anon+data+ctf+debug+symtab
TEST PASSED: gcore dumper.64 anon+data+ctf+debug+symtab
TEST PASSED: kernel dumper.32 default
TEST PASSED: gcore dumper.32 default
TEST PASSED: kernel dumper.64 default
TEST PASSED: gcore dumper.64 default
TEST PASSED: kernel dumper.32 default-ctf-debug-symtab
TEST PASSED: gcore dumper.32 default-ctf-debug-symtab
TEST PASSED: kernel dumper.64 default-ctf-debug-symtab
TEST PASSED: gcore dumper.64 default-ctf-debug-symtab
TEST PASSED: kernel dumper.32 default+debug
TEST PASSED: gcore dumper.32 default+debug
TEST PASSED: kernel dumper.64 default+debug
TEST PASSED: gcore dumper.64 default+debug
TEST PASSED: kernel dumper.32 default-symtab
TEST PASSED: gcore dumper.32 default-symtab
TEST PASSED: kernel dumper.64 default-symtab
TEST PASSED: gcore dumper.64 default-symtab
All tests passed successfully
Updated by Electric Monk 9 months ago
- Status changed from In Progress to Closed
- % Done changed from 0 to 100
git commit 4e18e297380f99d39327599157792494d044942a
commit 4e18e297380f99d39327599157792494d044942a
Author: Patrick Mooney <pmooney@pfmooney.com>
Date:   2022-09-13T19:40:22.000Z

    14236 signed math leads getelfshdr astray
    14242 programs that lack PT_PHDR are not properly loaded
    Portions contributed by: Bryan Cantrill <bryan@joyent.com>
    Portions contributed by: Andy Fiddaman <illumos@fiddaman.net>
    Reviewed by: Robert Mustacchi <rm+illumos@fingolfin.org>
    Reviewed by: Patrick Mooney <pmooney@pfmooney.com>
    Reviewed by: Andy Fiddaman <illumos@fiddaman.net>
    Approved by: Rich Lowe <richlowe@richlowe.net>