From add127dbf918b5c03c2d79a5d31dde689c17dcf4 Mon Sep 17 00:00:00 2001
From: Mark Wielaard
Date: Thu, 2 Mar 2017 11:14:36 +0000
Subject: [PATCH] Fix two safe_to_deref/sizeof mismatches in sys_sigaction/sys_rt_sigaction.

Before dereferencing the sigaction pointer and reading the fields we need to make sure the whole struct is safe_to_deref. We were using the size of the pointer, but needed the size of the struct.

git-svn-id: svn://svn.valgrind.org/valgrind/trunk@16258
---
 coregrind/m_syswrap/syswrap-linux.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c
index 03064aa37..02fb127c7 100644
--- a/coregrind/m_syswrap/syswrap-linux.c
+++ b/coregrind/m_syswrap/syswrap-linux.c
@@ -3715,7 +3715,7 @@ PRE(sys_sigaction)
 PRE_MEM_READ( "sigaction(act->sa_handler)", (Addr)&sa->ksa_handler, sizeof(sa->ksa_handler));
 PRE_MEM_READ( "sigaction(act->sa_mask)", (Addr)&sa->sa_mask, sizeof(sa->sa_mask));
 PRE_MEM_READ( "sigaction(act->sa_flags)", (Addr)&sa->sa_flags, sizeof(sa->sa_flags));
- if (ML_(safe_to_deref)(sa,sizeof(sa))
+ if (ML_(safe_to_deref)(sa,sizeof(struct vki_old_sigaction))
 && (sa->sa_flags & VKI_SA_RESTORER))
 PRE_MEM_READ( "sigaction(act->sa_restorer)", (Addr)&sa->sa_restorer, sizeof(sa->sa_restorer));
 }
@@ -3828,7 +3828,7 @@ PRE(sys_rt_sigaction)
 PRE_MEM_READ( "rt_sigaction(act->sa_handler)", (Addr)&sa->ksa_handler, sizeof(sa->ksa_handler));
 PRE_MEM_READ( "rt_sigaction(act->sa_mask)", (Addr)&sa->sa_mask, sizeof(sa->sa_mask));
 PRE_MEM_READ( "rt_sigaction(act->sa_flags)", (Addr)&sa->sa_flags, sizeof(sa->sa_flags));
- if (ML_(safe_to_deref)(sa,sizeof(sa))
+ if (ML_(safe_to_deref)(sa,sizeof(vki_sigaction_toK_t))
 && (sa->sa_flags & VKI_SA_RESTORER))
 PRE_MEM_READ( "rt_sigaction(act->sa_restorer)", (Addr)&sa->sa_restorer, sizeof(sa->sa_restorer));
 }
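Review bot: Both new `safe_to_deref` calls name the struct type explicitly (`sizeof(struct vki_old_sigaction)` in the sys_sigaction hunk, `sizeof(vki_sigaction_toK_t)` in the sys_rt_sigaction hunk) while the pointer `sa` they guard is declared outside the hunk, so if that declaration's type is ever changed the bound silently drifts again, which is exactly the class of sizeof mismatch this commit is fixing. Tying the bound to the pointer itself, `if (ML_(safe_to_deref)(sa, sizeof(*sa))`, removes that dependency in both hunks and cannot be wrong for the declared type. Note also that the only field the condition actually dereferences is `sa->sa_flags` (the `PRE_MEM_READ` for `sa_restorer` only passes its address), so a whole-struct check is stricter than the read it guards: on layouts where `sa_restorer` is the trailing field, an `act` whose tail is unmapped will skip the `sa_restorer` `PRE_MEM_READ` entirely rather than report it, and `ML_(safe_to_deref)(&sa->sa_flags, sizeof(sa->sa_flags))` would be the minimal guard if that case matters. The enclosing block and both PRE() bodies begin before their hunks.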