Bug 2028166

Summary: [RHEL 9] assertion when using 'xx' arguments to strace
Product: Red Hat Enterprise Linux 9 Reporter: Eugene Syromiatnikov <esyr>
Component: straceAssignee: Eugene Syromiatnikov <esyr>
strace sub component: system-version QA Contact: Jesus Checa <jchecahi>
Status: CLOSED ERRATA Docs Contact:
Severity: medium    
Priority: unspecified CC: emachado, ohudlick, pandrade, qe-baseos-tools-bugs
Version: 9.0Keywords: Triaged
Target Milestone: rcFlags: pm-rhel: mirror+
Target Release: ---   
Hardware: All   
OS: Linux   
Whiteboard:
Fixed In Version: strace-5.13-5.el9 Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: 2028146 Environment:
Last Closed: 2022-05-17 16:01:32 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Eugene Syromiatnikov 2021-12-01 16:02:22 UTC 
+++ This bug was initially created as a clone of Bug #2028146 +++

Backtrace:

...
(gdb) bt
#0  die () at strace.c:313
#1  0x000000000040d883 in error_msg_and_die (fmt=fmt@entry=0x4640e8 "%s: got unexpected return value %d for snprintf(buf, %zu, %s)") at error_prints.c:74
#2  0x000000000042152a in xsnprintf_ (str=0x6f9a20 <res.6552> "if_nametoindex(\"\\x62\\x6c\\x69\\x6e\\x6", size=36, func=0x484ede <__func__.6555> "get_ifname", argstr=0x484eb0 "(\"if_nametoindex(\" \"%s\" \")\"), name_quoted_buf", 
    format=0x484e9b "if_nametoindex(%s)", format=0x484e9b "if_nametoindex(%s)", argstr=0x484eb0 "(\"if_nametoindex(\" \"%s\" \")\"), name_quoted_buf", func=0x484ede <__func__.6555> "get_ifname", size=36, 
    str=0x6f9a20 <res.6552> "if_nametoindex(\"\\x62\\x6c\\x69\\x6e\\x6") at xstring.h:36
#3  0x0000000000421596 in get_ifname (ifindex=6) at print_ifindex.c:31
#4  print_ifindex (ifindex=6) at print_ifindex.c:44
#5  0x0000000000427a7d in decode_ndmsg (tcp=0x712370, nlmsghdr=<optimized out>, family=<optimized out>, addr=140215372832688, len=60) at rtnl_neigh.c:86
#6  0x000000000041c5c8 in decode_netlink_route (tcp=tcp@entry=0x712370, nlmsghdr=nlmsghdr@entry=0x7fffffffe0b0, addr=addr@entry=140215372832688, len=len@entry=60) at netlink_route.c:120
...

  The problem in frame #3:

(gdb) f 3
#3  0x0000000000421596 in get_ifname (ifindex=6) at print_ifindex.c:31
31			xsprintf(res, INI_PFX "%s" INI_SFX, name_quoted_buf);
(gdb) info local
name_buf = "blink1\000\000\000\000\000\000\000\000\000"
name_quoted_buf = "\"\\x62\\x6c\\x69\\x6e\\x"
res = "if_nametoindex(\"\\x62\\x6c\\x69\\x6e\\x6"
res = "if_nametoindex(\"\\x62\\x6c\\x69\\x6e\\x6"
__func__ = "get_ifname"

  The fix could be to check the 'xflag' global variable and not print in hex
the name, but since all strings are printed in hex, the most likely fix should
be to rework the code in print_ifindex.c. This appears to be buggy:

# define IFNAME_QUOTED_SZ (sizeof(IFNAMSIZ) * 4 + 3)

as it most likely should mean:

# define IFNAME_QUOTED_SZ (IFNAMSIZ * 4 + 3)

because, otherwise it should result in:

sizeof(IFNAMSIZ) that is the same as sizeof(16) and return 4 (as literal
16 should default to type int). So, the code likely did already prepare for
printing in hex, but due to a mistake, used sizeof.
Comment 1 Eugene Syromiatnikov 2021-12-02 21:49:46 UTC 
Fixed upstream in strace commit v5.15~1[1].

[1] https://gitlab.com/strace/strace/-/commit/e27b0677
Comment 5 Jesus Checa 2022-01-10 10:40:25 UTC 
Verified with TC#612760. Previous build strace-5.13-4.el9 reproduces the bug, while fixed build strace-5.13-5.el9 does not. Complete regtest looks good as well.
Comment 7 errata-xmlrpc 2022-05-17 16:01:32 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (new packages: strace), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2022:4023