Size overflow in sys_dup3

Posted: Wed Dec 18, 2013 4:31 pm
by wizeman
Hi,

While running 3.0-3.2.53-201312151209 (and the version before) I'm running into this problem while building/testing GNU grep:

Code:
Dec 18 21:22:56 kernel[1794]: [ 4965.138806] PAX: size overflow detected in function sys_dup3 fs/fcntl.c:67 cicus.55_122 max, count: 1
Dec 18 21:22:56 kernel[1794]: [ 4965.138811] Pid: 32264, comm: test-dup2 Tainted: P           O 3.2.53 #1-NixOS
Dec 18 21:22:56 kernel[1794]: [ 4965.138813] Call Trace:
Dec 18 21:22:56 kernel[1794]: [ 4965.138819]  [report_size_overflow+0x3b/0x50] report_size_overflow+0x3b/0x50
Dec 18 21:22:56 kernel[1794]: [ 4965.138819]  [<ffffffff8115621b>] report_size_overflow+0x3b/0x50
Dec 18 21:22:56 kernel[1794]: [ 4965.138822]  [sys_dup3+0x1c3/0x1d0] sys_dup3+0x1c3/0x1d0
Dec 18 21:22:56 kernel[1794]: [ 4965.138822]  [<ffffffff81165663>] sys_dup3+0x1c3/0x1d0
Dec 18 21:22:56 kernel[1794]: [ 4965.138824]  [sys_dup2+0x2b/0x70] sys_dup2+0x2b/0x70
Dec 18 21:22:56 kernel[1794]: [ 4965.138824]  [<ffffffff8116569b>] sys_dup2+0x2b/0x70
Dec 18 21:22:56 kernel[1794]: [ 4965.138829]  [system_call_fastpath+0x16/0x1b] system_call_fastpath+0x16/0x1b
Dec 18 21:22:56 kernel[1794]: [ 4965.138829]  [<ffffffff81437c5c>] system_call_fastpath+0x16/0x1b


Is this a known bug?
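An added example, not part of the post above and not code from gnulib or PaX: the report names `sys_dup3` with `comm: test-dup2`, so it is assumed here (the thread does not say so) that the failing test exercises the descriptor-number boundaries of dup2()/dup3(), as a conformance test for those calls typically does. The program below runs those same boundary cases in userspace and returns a bitmask of which ones behaved as Linux specifies. On a correct kernel every case ends in a plain EBADF/EINVAL or a successful duplicate, which is what a regression check after the PaX fix should confirm; a size-overflow report (and the SIGKILL that comes with it) on any of them would point at the instrumentation rather than at a real overflow in the caller. `dup_edge_cases`, the `CHK_*` flags and the use of /dev/null are this example's own choices.

```c
/* Constructed example: exercise the boundary cases of dup2()/dup3() that a
 * descriptor-duplication conformance test is assumed to cover, and report
 * which of them behave as POSIX/Linux specify.  Illustration only; this is
 * not gnulib's test-dup2 and not PaX code. */
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <sys/resource.h>
#include <unistd.h>

/* One bit per check, so a caller can see exactly which cases failed. */
enum {
    CHK_SELF_DUP2   = 1 << 0, /* dup2(fd, fd) is a no-op returning fd          */
    CHK_SELF_DUP3   = 1 << 1, /* dup3(fd, fd, 0) must fail with EINVAL         */
    CHK_NEG_NEWFD   = 1 << 2, /* dup2(fd, -1): negative newfd -> EBADF         */
    CHK_LIMIT_NEWFD = 1 << 3, /* dup2(fd, RLIMIT_NOFILE cur) -> EBADF          */
    CHK_BAD_OLDFD   = 1 << 4, /* dup2(-1, spare): invalid oldfd -> EBADF       */
    CHK_VALID       = 1 << 5, /* dup3(fd, spare, O_CLOEXEC) succeeds, CLOEXEC set */
    CHK_ALL         = (1 << 6) - 1
};

/* Returns the bitmask of checks that passed; a correct kernel yields CHK_ALL. */
int dup_edge_cases(void)
{
    int passed = 0;
    int fd = open("/dev/null", O_RDONLY);    /* descriptor we own */
    int spare = open("/dev/null", O_RDONLY); /* target slot we own, safe to replace */
    if (fd < 0 || spare < 0)
        return 0;

    if (dup2(fd, fd) == fd)
        passed |= CHK_SELF_DUP2;

    errno = 0;
    if (dup3(fd, fd, 0) == -1 && errno == EINVAL)
        passed |= CHK_SELF_DUP3;

    /* -1 reaches the kernel as a huge unsigned value: exactly the kind of
     * signed/unsigned boundary that integer-overflow instrumentation looks at.
     * The correct outcome is a plain EBADF, not a killed process. */
    errno = 0;
    if (dup2(fd, -1) == -1 && errno == EBADF)
        passed |= CHK_NEG_NEWFD;

    /* newfd equal to the soft RLIMIT_NOFILE is the first out-of-range value. */
    struct rlimit rl;
    if (getrlimit(RLIMIT_NOFILE, &rl) == 0 && rl.rlim_cur <= 0x7fffffff) {
        errno = 0;
        if (dup2(fd, (int)rl.rlim_cur) == -1 && errno == EBADF)
            passed |= CHK_LIMIT_NEWFD;
    }

    /* Invalid oldfd must fail before anything happens to the target slot. */
    errno = 0;
    if (dup2(-1, spare) == -1 && errno == EBADF)
        passed |= CHK_BAD_OLDFD;

    /* The ordinary success path: spare is replaced by a CLOEXEC duplicate of fd. */
    int nfd = dup3(fd, spare, O_CLOEXEC);
    if (nfd == spare && (fcntl(nfd, F_GETFD) & FD_CLOEXEC))
        passed |= CHK_VALID;

    close(spare);
    close(fd);
    return passed;
}

int main(void)
{
    int r = dup_edge_cases();
    printf("passed mask 0x%02x (expected 0x%02x)\n", r, CHK_ALL);
    return r == CHK_ALL ? 0 : 1;
}
```

Build with `cc -o dup_edges dup_edges.c` and run it as an unprivileged user; a non-zero exit (or no output at all, because the process was killed) singles out the case the kernel mishandled, and the `dmesg` line would then name the check just as the report above does.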

Re: Size overflow in sys_dup3

Posted: Thu Dec 19, 2013 10:12 am
by ephox
Thanks for the report. It will be fixed in the next PaX version.