ba355a609a
0001-Prepare-NEWS-for-branch-3.23-fixes.patch 0002-486180-MIPS-VexGuestArchState-has-no-member-named-gu.patch 0003-Bug-486293-memccpy-false-positives.patch 0004-Bug-486569-linux-inotify_init-syscall-wrapper-missin.patch 0005-aarch64-frinta-and-frinta-vector-instructions.patch 0006-mips-skip-using-shared-syscall-numbers-for-mips32.patch 0007-Fix-uninitialized-err-in-handle_extension.patch 0008-Avoid-use-of-guest_IP_AT_SYSCALL-in-handle_extension.patch 0009-s390x-Minor-fixes-in-extension-s390x.c.patch 0010-Bug-453044-gbserver_tests-failures-in-aarch64.patch 0011-Linux-regtest-reallocarray-needs-malloc.h.patch 0012-Bug-487439-SIGILL-in-JDK11-JDK17.patch 0013-Don-t-leave-fds-created-with-log-file-xml-file-or-lo.patch 0014-Close-both-internal-pipe-fds-after-VG_-fork-in-paren.patch 0015-Don-t-allow-programs-calling-fnctl-on-valgrind-s-own.patch 0016-mips-skip-using-shared-syscall-numbers-for-mips64.patch 0017-gdbserver_tests-filters-remove-python-rpm-module-loa.patch 0018-Implement-VMOVQ-xmm1-xmm2-m64.patch 0019-arm64-Fix-fcvtas-instruction.patch 0020-gdbserver_tests-filters-remove-more-verbose-python-r.patch 0021-Avoid-dev-inode-check-on-btrfs-with-sanity-level-3.patch Resolves: #RHEL-46588 Add valgrind 3.23 stable branch fixes (rhel-10-beta)
59 lines
1.8 KiB
Diff
59 lines
1.8 KiB
Diff
From 2272233d23a5431e14b3c9385d2b4b66e0e8f0fd Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Alexandra=20H=C3=A1jkov=C3=A1?= <ahajkova@redhat.com>
|
|
Date: Thu, 20 Jun 2024 07:45:56 -0400
|
|
Subject: [PATCH 15/15] Don't allow programs calling fnctl on valgrind's own
|
|
file descriptors
|
|
|
|
Add a call to ML_(fd_allowed) in the PRE handler of fcntl and fcntl64
|
|
and block syscalls with EBADF when the file descriptor isn't allowed
|
|
to be used by the program.
|
|
|
|
https://bugs.kde.org/show_bug.cgi?id=337388
|
|
(cherry picked from commit 4b83e3d47daaf5eff2ca96867a8c790e13830eb5)
|
|
---
|
|
NEWS | 1 +
|
|
coregrind/m_syswrap/syswrap-linux.c | 8 ++++++++
|
|
2 files changed, 9 insertions(+)
|
|
|
|
diff --git a/NEWS b/NEWS
|
|
index 94789a04ba9e..523380a98fe5 100644
|
|
--- a/NEWS
|
|
+++ b/NEWS
|
|
@@ -7,6 +7,7 @@ The following bugs have been fixed or resolved on this branch.
|
|
|
|
202770 open fd at exit --log-socket=127.0.0.1:1500 with --track-fds=yes
|
|
311655 --log-file=FILE leads to apparent fd leak
|
|
+337388 fcntl works on Valgrind's own file descriptors
|
|
453044 gbserver_tests failures in aarch64
|
|
479661 Valgrind leaks file descriptors
|
|
486180 [MIPS] 'VexGuestArchState' has no member named 'guest_IP_AT_SYSCALL'
|
|
diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c
|
|
index 45413fdd9ef5..9f3c51c17948 100644
|
|
--- a/coregrind/m_syswrap/syswrap-linux.c
|
|
+++ b/coregrind/m_syswrap/syswrap-linux.c
|
|
@@ -6978,6 +6978,10 @@ PRE(sys_fcntl)
|
|
if (ARG2 == VKI_F_SETLKW)
|
|
# endif
|
|
*flags |= SfMayBlock;
|
|
+
|
|
+ if (!ML_(fd_allowed)(ARG1, "fcntl", tid, False)) {
|
|
+ SET_STATUS_Failure (VKI_EBADF);
|
|
+ }
|
|
}
|
|
|
|
POST(sys_fcntl)
|
|
@@ -7088,6 +7092,10 @@ PRE(sys_fcntl64)
|
|
if (ARG2 == VKI_F_SETLKW)
|
|
# endif
|
|
*flags |= SfMayBlock;
|
|
+
|
|
+ if (!ML_(fd_allowed)(ARG1, "fcntl64", tid, False)) {
|
|
+ SET_STATUS_Failure (VKI_EBADF);
|
|
+ }
|
|
}
|
|
|
|
POST(sys_fcntl64)
|
|
--
|
|
2.45.2
|
|
|