| Message ID | 20230105082609.344538-1-irogers@google.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Delegated to: | BPF |
| Headers | show |
| Series | [v1] perf llvm: Fix inadvertent file creation | expand |
On Thu, Jan 5, 2023 at 12:26 AM Ian Rogers <irogers@google.com> wrote: > > The LLVM template is first echo-ed into command_out and then > command_out executed. The echo surrounds the template with double > quotes, however, the template itself may contain quotes. This is > generally innocuous but in tools/perf/tests/bpf-script-test-prologue.c > we see: > ... > SEC("func=null_lseek file->f_mode offset orig") > ... > where the first double quote ends the double quote of the echo, then > the > redirects output into a file called f_mode. > > To avoid this inadvertent behavior substitute redirects and similar > characters to be ASCII control codes, then substitute the output in > the echo back again. > > Fixes: 5eab5a7ee032 ("perf llvm: Display eBPF compiling command in debug output") > Signed-off-by: Ian Rogers <irogers@google.com> Ping. Not really a BPF/LLVM fix, it is just doing some string manipulation to avoid shell interpretation in the context of making BPF/LLVM. Thanks, Ian > --- > tools/perf/util/llvm-utils.c | 25 ++++++++++++++++++++++++- > 1 file changed, 24 insertions(+), 1 deletion(-) > > diff --git a/tools/perf/util/llvm-utils.c b/tools/perf/util/llvm-utils.c > index 650ffe336f3a..4e8e243a6e4b 100644 > --- a/tools/perf/util/llvm-utils.c > +++ b/tools/perf/util/llvm-utils.c > @@ -531,14 +531,37 @@ int llvm__compile_bpf(const char *path, void **p_obj_buf, > > pr_debug("llvm compiling command template: %s\n", template); > > + /* > + * Below, substitute control characters for values that can cause the > + * echo to misbehave, then substitute the values back. > + */ > err = -ENOMEM; > - if (asprintf(&command_echo, "echo -n \"%s\"", template) < 0) > + if (asprintf(&command_echo, "echo -n \a%s\a", template) < 0) > goto errout; > > +#define SWAP_CHAR(a, b) do { if (*p == a) *p = b; } while (0) > + for (char *p = command_echo; *p; p++) { > + SWAP_CHAR('<', '\001'); > + SWAP_CHAR('>', '\002'); > + SWAP_CHAR('"', '\003'); > + SWAP_CHAR('\'', '\004'); > + SWAP_CHAR('|', '\005'); > + SWAP_CHAR('&', '\006'); > + SWAP_CHAR('\a', '"'); > + } > err = read_from_pipe(command_echo, (void **) &command_out, NULL); > if (err) > goto errout; > > + for (char *p = command_out; *p; p++) { > + SWAP_CHAR('\001', '<'); > + SWAP_CHAR('\002', '>'); > + SWAP_CHAR('\003', '"'); > + SWAP_CHAR('\004', '\''); > + SWAP_CHAR('\005', '|'); > + SWAP_CHAR('\006', '&'); > + } > +#undef SWAP_CHAR > pr_debug("llvm compiling command : %s\n", command_out); > > err = read_from_pipe(template, &obj_buf, &obj_buf_sz); > -- > 2.39.0.314.g84b9a713c41-goog >
Em Thu, Jan 19, 2023 at 07:57:19AM -0800, Ian Rogers escreveu: > On Thu, Jan 5, 2023 at 12:26 AM Ian Rogers <irogers@google.com> wrote: > > > > The LLVM template is first echo-ed into command_out and then > > command_out executed. The echo surrounds the template with double > > quotes, however, the template itself may contain quotes. This is > > generally innocuous but in tools/perf/tests/bpf-script-test-prologue.c > > we see: > > ... > > SEC("func=null_lseek file->f_mode offset orig") > > ... > > where the first double quote ends the double quote of the echo, then > > the > redirects output into a file called f_mode. > > > > To avoid this inadvertent behavior substitute redirects and similar > > characters to be ASCII control codes, then substitute the output in > > the echo back again. > > > > Fixes: 5eab5a7ee032 ("perf llvm: Display eBPF compiling command in debug output") > > Signed-off-by: Ian Rogers <irogers@google.com> > > Ping. Not really a BPF/LLVM fix, it is just doing some string > manipulation to avoid shell interpretation in the context of making > BPF/LLVM. Thanks, applied. - Arnaldo
diff --git a/tools/perf/util/llvm-utils.c b/tools/perf/util/llvm-utils.c index 650ffe336f3a..4e8e243a6e4b 100644 --- a/tools/perf/util/llvm-utils.c +++ b/tools/perf/util/llvm-utils.c @@ -531,14 +531,37 @@ int llvm__compile_bpf(const char *path, void **p_obj_buf, pr_debug("llvm compiling command template: %s\n", template); + /* + * Below, substitute control characters for values that can cause the + * echo to misbehave, then substitute the values back. + */ err = -ENOMEM; - if (asprintf(&command_echo, "echo -n \"%s\"", template) < 0) + if (asprintf(&command_echo, "echo -n \a%s\a", template) < 0) goto errout; +#define SWAP_CHAR(a, b) do { if (*p == a) *p = b; } while (0) + for (char *p = command_echo; *p; p++) { + SWAP_CHAR('<', '\001'); + SWAP_CHAR('>', '\002'); + SWAP_CHAR('"', '\003'); + SWAP_CHAR('\'', '\004'); + SWAP_CHAR('|', '\005'); + SWAP_CHAR('&', '\006'); + SWAP_CHAR('\a', '"'); + } err = read_from_pipe(command_echo, (void **) &command_out, NULL); if (err) goto errout; + for (char *p = command_out; *p; p++) { + SWAP_CHAR('\001', '<'); + SWAP_CHAR('\002', '>'); + SWAP_CHAR('\003', '"'); + SWAP_CHAR('\004', '\''); + SWAP_CHAR('\005', '|'); + SWAP_CHAR('\006', '&'); + } +#undef SWAP_CHAR pr_debug("llvm compiling command : %s\n", command_out); err = read_from_pipe(template, &obj_buf, &obj_buf_sz);
The LLVM template is first echo-ed into command_out and then command_out executed. The echo surrounds the template with double quotes, however, the template itself may contain quotes. This is generally innocuous but in tools/perf/tests/bpf-script-test-prologue.c we see: ... SEC("func=null_lseek file->f_mode offset orig") ... where the first double quote ends the double quote of the echo, then the > redirects output into a file called f_mode. To avoid this inadvertent behavior substitute redirects and similar characters to be ASCII control codes, then substitute the output in the echo back again. Fixes: 5eab5a7ee032 ("perf llvm: Display eBPF compiling command in debug output") Signed-off-by: Ian Rogers <irogers@google.com> --- tools/perf/util/llvm-utils.c | 25 ++++++++++++++++++++++++- 1 file changed, 24 insertions(+), 1 deletion(-)