[PATCH 1/3] lib: fwts_acpi_tables: add a new function to check Reserved field

Alex Hung alex.hung at canonical.com
Thu Sep 7 09:38:14 UTC 2017 

On Thu, Sep 7, 2017 at 1:21 AM, Colin Ian King <colin.king at canonical.com> wrote:
> On 07/09/17 01:34, Alex Hung wrote:
>> Signed-off-by: Alex Hung <alex.hung at canonical.com>
>> ---
>>  src/lib/include/fwts_acpi_tables.h |  2 ++
>>  src/lib/src/fwts_acpi_tables.c     | 44 ++++++++++++++++++++++++++++++++++++++
>>  2 files changed, 46 insertions(+)
>>
>> diff --git a/src/lib/include/fwts_acpi_tables.h b/src/lib/include/fwts_acpi_tables.h
>> index 2527984..d478d99 100644
>> --- a/src/lib/include/fwts_acpi_tables.h
>> +++ b/src/lib/include/fwts_acpi_tables.h
>> @@ -53,6 +53,8 @@ bool fwts_acpi_obj_find(fwts_framework *fw, const char *obj_name);
>>
>>  fwts_bool fwts_acpi_is_reduced_hardware(const fwts_acpi_table_fadt *fadt);
>>
>> +void fwts_acpi_reserved_zero_check(fwts_framework *fw, const char *table, const char *field, uint64_t value, uint8_t size, bool *passed);
>> +
>>  #endif
>>
>>  #endif
>> diff --git a/src/lib/src/fwts_acpi_tables.c b/src/lib/src/fwts_acpi_tables.c
>> index 3c3a63a..5a2450b 100644
>> --- a/src/lib/src/fwts_acpi_tables.c
>> +++ b/src/lib/src/fwts_acpi_tables.c
>> @@ -1383,4 +1383,48 @@ bool fwts_acpi_obj_find(fwts_framework *fw, const char *obj_name)
>>       return found;
>>  }
>>
>> +/*
>> + *  fwts_acpi_reserved_zero_check()
>> + *  verify whether the reserved field is zero
>> + */
>> +void fwts_acpi_reserved_zero_check(
>> +     fwts_framework *fw,
>> +     const char *table,
>> +     const char *field,
>> +     uint64_t value,
>> +     uint8_t size,
>> +     bool *passed)
>> +{
>> +     if (value != 0) {
>> +             char *label = malloc(20);
>
> There is no null check on label if malloc fails. Probably better to just
> put thus on the stack.
>
>                 char label[20];

I also tried this but it gave me buffer overflow as well; however,
that can be fixed by setting 0 to the array, ex "memset(label, 0,
sizeof(label))".

Let me fix this in V2 later.

>
>> +             strncpy(label, table, 4);       /* ACPI table name is 4 char long */
>> +             strncat(label, "ReservedNonZero", strlen("ReservedNonZero"));
>> +
>> +             switch (size) {
>> +             case sizeof(uint8_t):
>> +                     fwts_failed(fw, LOG_LEVEL_MEDIUM, label,
>> +                             "%4.4s %s field must be zero, got "
>> +                             "0x%2.2" PRIx8 " instead", table, field, (uint8_t)value);
>> +                     break;
>> +             case sizeof(uint16_t):
>> +                     fwts_failed(fw, LOG_LEVEL_MEDIUM, label,
>> +                             "%4.4s %s field must be zero, got "
>> +                             "0x%4.4" PRIx16 " instead", table, field, (uint16_t)value);
>> +                     break;
>> +             case sizeof(uint32_t):
>> +                     fwts_failed(fw, LOG_LEVEL_MEDIUM, label,
>> +                             "%4.4s %s field must be zero, got "
>> +                             "0x%8.8" PRIx32 " instead", table, field, (uint32_t)value);
>> +                     break;
>> +             case sizeof(uint64_t):
>> +                     fwts_failed(fw, LOG_LEVEL_MEDIUM, label,
>> +                             "%4.4s %s field must be zero, got "
>> +                             "0x%16.16" PRIx64 " instead", table, field, value);
>> +                     break;
>> +             }
>> +             *passed = false;
>> +             free(label);
>> +     }
>> +}
>> +
>>  #endif
>>
>
> I've hitting the following errors when running the regression tests:
>
> *** buffer overflow detected ***: /home/king/repos/fwts/src/.libs/fwts
> terminated
> ======= Backtrace: =========
> /lib/x86_64-linux-gnu/libc.so.6(+0x790bb)[0x7f527558d0bb]
> /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x54)[0x7f527562eee4]
> /lib/x86_64-linux-gnu/libc.so.6(+0x118e60)[0x7f527562ce60]
> /lib/x86_64-linux-gnu/libc.so.6(__strcat_chk+0x60)[0x7f527562c180]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(fwts_acpi_reserved_zero_check+0x63)[0x7f5275f09723]
> /home/king/repos/fwts/src/.libs/fwts(+0x1b963)[0x510789c963]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(+0x1633e)[0x7f5275f1033e]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(fwts_framework_args+0x7eb)[0x7f5275f11ceb]
> /home/king/repos/fwts/src/.libs/fwts(+0x1842a)[0x510789942a]
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f5275534421]
> /home/king/repos/fwts/src/.libs/fwts(+0x195aa)[0x510789a5aa]
>
> FAIL: fwts-test/asf-0001/test-0002.sh
>
>
>
> *** buffer overflow detected ***: /home/king/repos/fwts/src/.libs/fwts
> terminated
> ======= Backtrace: =========
> /lib/x86_64-linux-gnu/libc.so.6(+0x790bb)[0x7fa5ae1620bb]
> /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x54)[0x7fa5ae203ee4]
> /lib/x86_64-linux-gnu/libc.so.6(+0x118e60)[0x7fa5ae201e60]
> /lib/x86_64-linux-gnu/libc.so.6(__strcat_chk+0x60)[0x7fa5ae201180]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(fwts_acpi_reserved_zero_check+0x63)[0x7fa5aeade723]
> /home/king/repos/fwts/src/.libs/fwts(+0x23d7e)[0xcb60bf0d7e]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(+0x1633e)[0x7fa5aeae533e]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(fwts_framework_args+0x7eb)[0x7fa5aeae6ceb]
> /home/king/repos/fwts/src/.libs/fwts(+0x1842a)[0xcb60be542a]
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7fa5ae109421]
> /home/king/repos/fwts/src/.libs/fwts(+0x195aa)[0xcb60be65aa]
>
> FAIL: fwts-test/erst-0001/test-0002.sh
>
>
> *** buffer overflow detected ***: /home/king/repos/fwts/src/.libs/fwts
> terminated
> ======= Backtrace: =========
> /lib/x86_64-linux-gnu/libc.so.6(+0x790bb)[0x7f9d15a0d0bb]
> /lib/x86_64-linux-gnu/libc.so.6(__fortify_fail+0x54)[0x7f9d15aaeee4]
> /lib/x86_64-linux-gnu/libc.so.6(+0x118e60)[0x7f9d15aace60]
> /lib/x86_64-linux-gnu/libc.so.6(__strcat_chk+0x60)[0x7f9d15aac180]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(fwts_acpi_reserved_zero_check+0x63)[0x7f9d16389723]
> /home/king/repos/fwts/src/.libs/fwts(+0x2f81a)[0xb8fa70f81a]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(+0x1633e)[0x7f9d1639033e]
> /home/king/repos/fwts/src/lib/src/.libs/libfwts.so.1(fwts_framework_args+0x7eb)[0x7f9d16391ceb]
> /home/king/repos/fwts/src/.libs/fwts(+0x1842a)[0xb8fa6f842a]
> /lib/x86_64-linux-gnu/libc.so.6(__libc_start_main+0xf1)[0x7f9d159b4421]
> /home/king/repos/fwts/src/.libs/fwts(+0x195aa)[0xb8fa6f95aa]
>
> FAIL: fwts-test/hmat-0001/test-0002.sh
>
> etc..
>
> # FAIL:  12
>
> So I think this needs a little more re-working.
>
> Cheers,
>
> Colin
>
> --
> fwts-devel mailing list
> fwts-devel at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/fwts-devel



-- 
Cheers,
Alex Hung

More information about the fwts-devel mailing list