[procps] find_elf_note invalid read if setenv has been called before libproc init
Issue
- When `setenv` is called before `libproc` is initialized, we see invalid reads reported by `valgrind`.
- [procps] `find_elf_note` invalid read if `setenv` has been called before `libproc` init
# mkdir /tmp/procps
# cd /tmp/procps
# cat main.c
#include<stdio.h>
#include<stdlib.h>
#include<dlfcn.h>
/* File-scope state used by main() while loading and calling the test library. */
const char *dlError = NULL; /* text from the most recent dlerror() call, NULL if none */
int (*Function)() = NULL;   /* entry point resolved with dlsym() */
void *FunctionLib = NULL;   /* handle returned by dlopen() */
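/*
 * Reproducer driver.
 *
 * Adds a variable to the environment with setenv() before the shared object
 * that links libproc is loaded, then resolves print_vsize() in that object
 * and calls it. In the captured valgrind run the two invalid reads are
 * reported after "main()" and before print_vsize() prints anything, and both
 * land directly after the block setenv() allocated for the environment.
 *
 * NOTE(review): dlopen() runs the library's initialisation code inside this
 * process and the path points into /tmp, which is world-writable. Build and
 * run the reproducer as an unprivileged user on a scratch system, or change
 * the path to a directory only that user can write.
 *
 * Returns 0 once the call has completed; exits with status 1 if setenv(),
 * dlopen() or dlsym() fails.
 */
int main(void)
{
    printf("main()\n");

    /* Must happen before dlopen(): the ordering is what the report is about.
     * A failed setenv() would silently turn this into a non-reproducer. */
    if (setenv("TEST_DUMMY_ENV_MUST_NOT_EXIST", "X", 1) != 0) {
        perror("setenv");
        exit(1);
    }

    FunctionLib = dlopen("/tmp/libmyproc.so", RTLD_LAZY);
    dlError = dlerror();
    if (dlError) {
        printf("dlopen return-%s- \n", dlError);
        exit(1);
    }

    Function = dlsym(FunctionLib, "print_vsize");
    dlError = dlerror();
    if (dlError) {
        printf("dlsym return-%s- \n", dlError);
        exit(1);
    }

    /* print_vsize() is declared void in myproc.h, so call it through a
     * matching pointer type instead of reading a result via int (*)(). */
    ((void (*)(void))Function)();
    dlError = dlerror();
    if (dlError) {
        printf("function dlerror-%s-\n", dlError);
    }

    if (dlclose(FunctionLib)) {
        dlError = dlerror();
        if (dlError) {
            printf("dlclose return-%s-\n", dlError);
        }
    }

    return 0;
}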
> cat myproc.h
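#ifndef MYPROC_H
#define MYPROC_H

/*
 * Entry point exported by libmyproc.so and resolved by name with dlsym().
 * Declared with a (void) prototype: empty parentheses would leave the
 * parameter list unspecified and disable argument checking.
 */
void print_vsize(void);

#endif /* MYPROC_H */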
# cat myproc.c
#include "myproc.h"
#include <stdio.h>
#include <proc/readproc.h>
/*
 * Prints a marker line, asks libproc to fill in a proc_t for the calling
 * process via look_up_our_self(), and prints that record's vsize field.
 * Its role in the reproducer is to make libmyproc.so depend on libproc
 * (the build line links it with -lproc).
 */
void print_vsize()
{
    struct proc_t self_stats; /* populated by look_up_our_self() below */

    puts("print_vsize()");
    look_up_our_self(&self_stats);
    printf("vsize: %lu\n", self_stats.vsize);
}
# rm -f libmyproc.so /tmp/libmyproc.so main.o ; gcc -fPIC -c myproc.c -lproc
&& gcc -fPIC -c main.c -ldl && gcc -shared myproc.o -o libmyproc.so -lproc
&& gcc main.o -Wl -o main -ldl && cp libmyproc.so /tmp/ &&
# /usr/bin/valgrind --leak-check=yes ./main
==2849== Memcheck, a memory error detector
==2849== Copyright (C) 2002-2012, and GNU GPL'd, by Julian Seward et al.
==2849== Using Valgrind-3.8.1 and LibVEX; rerun with -h for copyright info
==2849== Command: ./main
==2849==
main()
==2849== Invalid read of size 8
==2849== at 0x3CCAC09D8C: ??? (in /lib64/libproc-3.2.8.so)
==2849== by 0x3CCAC0AD55: ??? (in /lib64/libproc-3.2.8.so)
==2849== by 0x3CCAC03712: ??? (in /lib64/libproc-3.2.8.so)
==2849== Address 0x4c22170 is 0 bytes after a block of size 304 alloc'd
==2849== at 0x4A069EE: malloc (vg_replace_malloc.c:270)
==2849== by 0x4A06B62: realloc (vg_replace_malloc.c:662)
==2849== by 0x3CCA83540C: __add_to_environ (in /lib64/libc-2.12.so)
==2849== by 0x4A0A5D9: setenv (mc_replace_strmem.c:1755)
==2849== by 0x4007FF: main (in /tmp/procps/main)
==2849==
==2849== Invalid read of size 8
==2849== at 0x3CCAC09E34: ??? (in /lib64/libproc-3.2.8.so)
==2849== by 0x3CCAC0AD55: ??? (in /lib64/libproc-3.2.8.so)
==2849== by 0x3CCAC03712: ??? (in /lib64/libproc-3.2.8.so)
==2849== Address 0x4c22170 is 0 bytes after a block of size 304 alloc'd
==2849== at 0x4A069EE: malloc (vg_replace_malloc.c:270)
==2849== by 0x4A06B62: realloc (vg_replace_malloc.c:662)
==2849== by 0x3CCA83540C: __add_to_environ (in /lib64/libc-2.12.so)
==2849== by 0x4A0A5D9: setenv (mc_replace_strmem.c:1755)
==2849== by 0x4007FF: main (in /tmp/procps/main)
==2849==
2.4+ kernel w/o ELF notes? -- report this
print_vsize()
vsize: 126840832
==2849==
==2849== HEAP SUMMARY:
==2849== in use at exit: 0 bytes in 0 blocks
==2849== total heap usage: 14 allocs, 14 frees, 3,185 bytes allocated
==2849==
==2849== All heap blocks were freed -- no leaks are possible
==2849==
==2849== For counts of detected and suppressed errors, rerun with: -v
==2849== ERROR SUMMARY: 2 errors from 2 contexts (suppressed: 6 from 6)
Environment
- Red Hat Enterprise Linux 6
- Red Hat Enterprise Linux 7
- procps-3.2.8-25
- procps-ng-3.3.9-6