From b2e469f2d7bb52e35418b14c7126451f99e479c7 Mon Sep 17 00:00:00 2001 From: MSVSphere Packaging Team Date: Fri, 6 Dec 2024 09:44:24 +0300 Subject: [PATCH] import trace-cmd-3.3.1-1.el10 --- .gitignore | 2 +- .trace-cmd.metadata | 2 +- ...Prevent-buffer-overrun-in-dump_clock.patch | 34 +++++++++++ ...eck-the-return-value-of-do_lseek-in-.patch | 36 ++++++++++++ ...event-a-memory-leak-in-handle_option.patch | 57 +++++++++++++++++++ ...event-memory-leak-in-tracecmd_create.patch | 33 +++++++++++ ...m-Prevent-a-memory-leak-in-trace_mem.patch | 36 ++++++++++++ ...-Check-the-length-of-the-protocol-ve.patch | 39 +++++++++++++ ...-Prevent-a-memory-leak-in-show_error.patch | 38 +++++++++++++ ...-Prevent-memory-leak-in-setup_networ.patch | 41 +++++++++++++ SPECS/trace-cmd.spec | 17 +++++- 11 files changed, 330 insertions(+), 5 deletions(-) create mode 100644 SOURCES/trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch create mode 100644 SOURCES/trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch create mode 100644 SOURCES/trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch create mode 100644 SOURCES/trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch create mode 100644 SOURCES/trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch create mode 100644 SOURCES/trace-cmd-record-Check-the-length-of-the-protocol-ve.patch create mode 100644 SOURCES/trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch create mode 100644 SOURCES/trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch diff --git a/.gitignore b/.gitignore index 2b52f35..46a65fc 100644 --- a/.gitignore +++ b/.gitignore @@ -1 +1 @@ -SOURCES/trace-cmd-v3.2.tar.gz +SOURCES/trace-cmd-v3.3.1.tar.gz diff --git a/.trace-cmd.metadata b/.trace-cmd.metadata index 5395942..091aa57 100644 --- a/.trace-cmd.metadata +++ b/.trace-cmd.metadata @@ -1 +1 @@ -b3023760aa10382524f6d6216945da3ec705345a SOURCES/trace-cmd-v3.2.tar.gz +64519b528debd300fe6734767b314df8d534994f SOURCES/trace-cmd-v3.3.1.tar.gz diff --git a/SOURCES/trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch b/SOURCES/trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch new file mode 100644 index 0000000..e42cf42 --- /dev/null +++ b/SOURCES/trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch @@ -0,0 +1,34 @@ +From 7a0d3baf2ab09f7a729e4de592b784e307caa70f Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:13 +0100 +Subject: [PATCH 4/8] trace-cmd dump: Prevent buffer overrun in dump_clock() + +The clock isn't big enough to hold the string with the null +terminating character. Worse, clock[size], which is out of range, is +set to 0. Allocate a big enough buffer. + +Fixes an OVERRUN error (CWE-119) + +Link: https://lore.kernel.org/20241029080117.625177-5-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + tracecmd/trace-dump.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tracecmd/trace-dump.c b/tracecmd/trace-dump.c +index 11c1baf1..0a21356e 100644 +--- a/tracecmd/trace-dump.c ++++ b/tracecmd/trace-dump.c +@@ -961,7 +961,7 @@ static void dump_clock(int fd) + } + if (read_file_number(fd, &size, 8)) + die("cannot read clock size"); +- clock = calloc(1, size); ++ clock = calloc(1, size + 1); + if (!clock) + die("cannot allocate clock %lld bytes", size); + +-- +2.47.0 + diff --git a/SOURCES/trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch b/SOURCES/trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch new file mode 100644 index 0000000..d95c8ea --- /dev/null +++ b/SOURCES/trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch @@ -0,0 +1,36 @@ +From ea419e8e8f5e56c166b14aef26be814daebe2832 Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:12 +0100 +Subject: [PATCH 3/8] trace-cmd lib: Check the return value of do_lseek() in + trace_get_options() + +Check that do_lseek doesn't fail before calling malloc() with a -1 +argument. + +This is flagged as an overrun error (CWE-119) by static anaysis +because of the call to read() later, but I don't imagine that malloc +would succeed. + +Link: https://lore.kernel.org/20241029080117.625177-4-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + lib/trace-cmd/trace-output.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/lib/trace-cmd/trace-output.c b/lib/trace-cmd/trace-output.c +index 66e11ddc..8bc9325c 100644 +--- a/lib/trace-cmd/trace-output.c ++++ b/lib/trace-cmd/trace-output.c +@@ -2070,6 +2070,8 @@ __hidden void *trace_get_options(struct tracecmd_output *handle, size_t *len) + } + + offset = do_lseek(&out_handle, 0, SEEK_CUR); ++ if (offset == (off_t)-1) ++ goto out; + buf = malloc(offset); + if (!buf) + goto out; +-- +2.47.0 + diff --git a/SOURCES/trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch b/SOURCES/trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch new file mode 100644 index 0000000..2196854 --- /dev/null +++ b/SOURCES/trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch @@ -0,0 +1,57 @@ +From 3be4066b9a9c6a76a824fc7a7a6a983fd23088a7 Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:10 +0100 +Subject: [PATCH 1/8] trace-cmd lib: Prevent a memory leak in handle_options() + +Buf isn't always fred in the error path. Instead of freing buf at the +end of the loop, free it in the exit path and before reallocating it. + +Fixes a RESOURCE_LEAK error (CWE-772) + +Link: https://lore.kernel.org/20241029080117.625177-2-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + lib/trace-cmd/trace-input.c | 7 +++---- + 1 file changed, 3 insertions(+), 4 deletions(-) + +diff --git a/lib/trace-cmd/trace-input.c b/lib/trace-cmd/trace-input.c +index 8b6e3d0c..ad662fc6 100644 +--- a/lib/trace-cmd/trace-input.c ++++ b/lib/trace-cmd/trace-input.c +@@ -4006,7 +4006,7 @@ static int handle_options(struct tracecmd_input *handle) + char *cpustats = NULL; + struct hook_list *hook; + bool compress = false; +- char *buf; ++ char *buf = NULL; + int cpus; + int ret; + +@@ -4036,6 +4036,7 @@ static int handle_options(struct tracecmd_input *handle) + ret = read4(handle, &size); + if (ret) + goto out; ++ free(buf); + buf = malloc(size); + if (!buf) { + ret = -ENOMEM; +@@ -4189,14 +4190,12 @@ static int handle_options(struct tracecmd_input *handle) + tracecmd_warning("unknown option %d", option); + break; + } +- +- free(buf); +- + } + + ret = 0; + + out: ++ free(buf); + if (compress) + in_uncompress_reset(handle); + return ret; +-- +2.47.0 + diff --git a/SOURCES/trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch b/SOURCES/trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch new file mode 100644 index 0000000..af829cb --- /dev/null +++ b/SOURCES/trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch @@ -0,0 +1,33 @@ +From cbe42ab193ac866e9a6644b8509ab341a8aa474d Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:15 +0100 +Subject: [PATCH 6/8] trace-cmd lib: Prevent memory leak in + tracecmd_create_event_hook() + +Free hook and hook->str in the error path. + +Fixes a RESOURCE_LEAK error (CWE-772) + +Link: https://lore.kernel.org/20241029080117.625177-7-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + lib/trace-cmd/trace-hooks.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/lib/trace-cmd/trace-hooks.c b/lib/trace-cmd/trace-hooks.c +index a58b5356..aa12f6e9 100644 +--- a/lib/trace-cmd/trace-hooks.c ++++ b/lib/trace-cmd/trace-hooks.c +@@ -151,6 +151,8 @@ struct hook_list *tracecmd_create_event_hook(const char *arg) + + invalid_tok: + tracecmd_warning("Invalid hook format '%s'", arg); ++ free(hook->str); ++ free(hook); + return NULL; + } + +-- +2.47.0 + diff --git a/SOURCES/trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch b/SOURCES/trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch new file mode 100644 index 0000000..f8e9343 --- /dev/null +++ b/SOURCES/trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch @@ -0,0 +1,36 @@ +From b0e1a9c5c099282d30fee8f6aa89bd12ce5e8a73 Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:16 +0100 +Subject: [PATCH 7/8] trace-cmd mem: Prevent a memory leak in trace_mem() + +Close the tracecmd handle in the error path. + +Fixes a RESOURCE_LEAK error (CWE-772) + +Link: https://lore.kernel.org/20241029080117.625177-8-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + tracecmd/trace-mem.c | 6 ++---- + 1 file changed, 2 insertions(+), 4 deletions(-) + +diff --git a/tracecmd/trace-mem.c b/tracecmd/trace-mem.c +index 3e1ac9f3..b8babbbc 100644 +--- a/tracecmd/trace-mem.c ++++ b/tracecmd/trace-mem.c +@@ -554,10 +554,8 @@ void trace_mem(int argc, char **argv) + die("can't open %s\n", input_file); + + ret = tracecmd_read_headers(handle, 0); +- if (ret) +- return; +- +- do_trace_mem(handle); ++ if (!ret) ++ do_trace_mem(handle); + + tracecmd_close(handle); + } +-- +2.47.0 + diff --git a/SOURCES/trace-cmd-record-Check-the-length-of-the-protocol-ve.patch b/SOURCES/trace-cmd-record-Check-the-length-of-the-protocol-ve.patch new file mode 100644 index 0000000..2ad001a --- /dev/null +++ b/SOURCES/trace-cmd-record-Check-the-length-of-the-protocol-ve.patch @@ -0,0 +1,39 @@ +From 75d8bba90d8b4cbe1a80381f1dfbd80cbb0fbd60 Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:17 +0100 +Subject: [PATCH 8/8] trace-cmd record: Check the length of the protocol + version received + +In check_protocol_version we compare the protocol version string with +the expected one ("V3") with memcmp(). The received string could be +longer than the constant string used for the comparison. That could +lead to out of range access. + +Use the known length of the fixed "V3" string for the comparison and +check that the received protocol version is not too short. + +Fixes a OVERRUN error (CWE-119) + +Link: https://lore.kernel.org/20241029080117.625177-9-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + tracecmd/trace-record.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c +index d78c13c2..febf8578 100644 +--- a/tracecmd/trace-record.c ++++ b/tracecmd/trace-record.c +@@ -3811,7 +3811,7 @@ static void check_protocol_version(struct tracecmd_msg_handle *msg_handle) + msg_handle->version = V1_PROTOCOL; + tracecmd_plog("Use the v1 protocol\n"); + } else { +- if (memcmp(buf, "V3", n) != 0) ++ if (n < 3 || memcmp(buf, "V3", 3) != 0) + die("Cannot handle the protocol %s", buf); + /* OK, let's use v3 protocol */ + write(fd, V3_MAGIC, sizeof(V3_MAGIC)); +-- +2.47.0 + diff --git a/SOURCES/trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch b/SOURCES/trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch new file mode 100644 index 0000000..49be9ce --- /dev/null +++ b/SOURCES/trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch @@ -0,0 +1,38 @@ +From 8e7de34bca5fdfcd8276116db4dd02308de0e194 Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:11 +0100 +Subject: [PATCH 2/8] trace-cmd record: Prevent a memory leak in show_error() + +In show_error() the pointer p is used for several functions. At first, +it contain a substring of path. + +Then it is replaced by either an allocated string containing the path +to the error log file or the result of read_path(), neither of which +are freed when exiting. + +Free p in both case in the exit path. + +Fixes a RESOURCE_LEAK error (CWE-772) + +Link: https://lore.kernel.org/20241029080117.625177-3-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + tracecmd/trace-record.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c +index 0063d528..bdfa57b0 100644 +--- a/tracecmd/trace-record.c ++++ b/tracecmd/trace-record.c +@@ -2374,6 +2374,7 @@ static void show_error(const char *file, const char *type) + + out: + printf("Failed %s of %s\n", type, file); ++ free(p); + free(path); + return; + } +-- +2.47.0 + diff --git a/SOURCES/trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch b/SOURCES/trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch new file mode 100644 index 0000000..9acbec8 --- /dev/null +++ b/SOURCES/trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch @@ -0,0 +1,41 @@ +From e48db64dcb0dfddb6b8f6cd8624e1e2ff2c1302c Mon Sep 17 00:00:00 2001 +From: Jerome Marchand +Date: Tue, 29 Oct 2024 09:01:14 +0100 +Subject: [PATCH 5/8] trace-cmd record: Prevent memory leak in setup_network() + +Because of the again label, msg_handle can be already allocated if we +exit after we got a negative socket file descriptor. Free it there. +Also unassign msg_handle->fd as to not double close sfd. + +Fixes a RESOURCE_LEAK error (CWE-772) + +Link: https://lore.kernel.org/20241029080117.625177-6-jmarchan@redhat.com +Signed-off-by: Jerome Marchand +Signed-off-by: Steven Rostedt (Google) +--- + tracecmd/trace-record.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c +index bdfa57b0..d78c13c2 100644 +--- a/tracecmd/trace-record.c ++++ b/tracecmd/trace-record.c +@@ -3904,6 +3904,7 @@ static struct tracecmd_msg_handle *setup_network(struct buffer_instance *instanc + + if (sfd < 0) { + free(thost); ++ tracecmd_msg_handle_close(msg_handle); + return NULL; + } + +@@ -3934,6 +3935,7 @@ static struct tracecmd_msg_handle *setup_network(struct buffer_instance *instanc + if (msg_handle->version == V1_PROTOCOL) { + /* reconnect to the server for using the v1 protocol */ + close(sfd); ++ msg_handle->fd = -1; + free(host); + host = NULL; + goto again; +-- +2.47.0 + diff --git a/SPECS/trace-cmd.spec b/SPECS/trace-cmd.spec index a2689d0..c66598b 100644 --- a/SPECS/trace-cmd.spec +++ b/SPECS/trace-cmd.spec @@ -2,11 +2,11 @@ #%%global git_commit trace-cmd-v2.6.2 #%%global git_commit 57371aaa2f469d0ba15fd85276deca7bfdd7ce36 -%global srcversion 3.2 +%global srcversion 3.3.1 Name: trace-cmd Version: %{srcversion} -Release: 5%{?dist} +Release: 1%{?dist} License: LGPL-2.1-only AND LGPL-2.1-or-later AND GPL-2.0-only AND GPL-2.0-or-later Summary: A user interface to Ftrace @@ -21,6 +21,14 @@ Source0: https://git.kernel.org/pub/scm/utils/trace-cmd/trace-cmd.git/snapshot/t Source1: trace-cmd.conf Source2: trace-cmd.service Source3: 98-trace-cmd.rules +Patch0: trace-cmd-lib-Prevent-a-memory-leak-in-handle_option.patch +Patch1: trace-cmd-record-Prevent-a-memory-leak-in-show_error.patch +Patch2: trace-cmd-lib-Check-the-return-value-of-do_lseek-in-.patch +Patch3: trace-cmd-dump-Prevent-buffer-overrun-in-dump_clock.patch +Patch4: trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch +Patch5: trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch +Patch6: trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch +Patch7: trace-cmd-record-Check-the-length-of-the-protocol-ve.patch BuildRequires: make BuildRequires: gcc @@ -52,7 +60,7 @@ BuildRequires: python3-devel Python plugin support for trace-cmd %prep -%autosetup -n %{name}-v%{srcversion} +%autosetup -p1 -n %{name}-v%{srcversion} cp %{SOURCE1} . cp %{SOURCE2} . cp %{SOURCE3} . @@ -102,6 +110,9 @@ rm -rf %{buildroot}/%{_mandir}/man3/* %{_libdir}/%{name}/python/ %changelog +* Thu Nov 28 2024 Jerome Marchand - 3.3.1-1 +- Rebase to 3.3.1 and backport further SAST patches (RHEL-40111) + * Tue Oct 29 2024 Troy Dawson - 3.2-5 - Bump release for October 2024 mass rebuild: Resolves: RHEL-64018