RHEL Engineering is moving the tracking of its product development work on RHEL 6 through RHEL 9 to Red Hat Jira (issues.redhat.com). If you're a Red Hat customer, please continue to file support cases via the Red Hat customer portal. If you're not, please head to the "RHEL project" in Red Hat Jira and file new tickets here. Individual Bugzilla bugs in the statuses "NEW", "ASSIGNED", and "POST" are being migrated throughout September 2023. Bugs of Red Hat partners with an assigned Engineering Partner Manager (EPM) are migrated in late September as per pre-agreed dates. Bugs against components "kernel", "kernel-rt", and "kpatch" are only migrated if still in "NEW" or "ASSIGNED". If you cannot log in to RH Jira, please consult article #7032570. That failing, please send an e-mail to the RH Jira admins at rh-issues@redhat.com to troubleshoot your issue as a user management inquiry. The email creates a ServiceNow ticket with Red Hat. Individual Bugzilla bugs that are migrated will be moved to status "CLOSED", resolution "MIGRATED", and set with "MigratedToJIRA" in "Keywords". The link to the successor Jira issue will be found under "Links", have a little "two-footprint" icon next to it, and direct you to the "RHEL project" in Red Hat Jira (issue links are of type "https://issues.redhat.com/browse/RHEL-XXXX", where "X" is a digit). This same link will be available in a blue banner at the top of the page informing you that that bug has been migrated.
Bug 589638 - opcontrol accepting bogus values for --cpu-buffer-size argument
Summary: opcontrol accepting bogus values for --cpu-buffer-size argument
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 6
Classification: Red Hat
Component: oprofile
Version: 6.0
Hardware: All
OS: Linux
low
low
Target Milestone: rc
: ---
Assignee: William Cohen
QA Contact: qe-baseos-tools-bugs
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2010-05-06 15:30 UTC by Petr Muller
Modified: 2016-09-20 02:06 UTC (History)
2 users (show)

Fixed In Version: oprofile-0.9.6-10.el6
Doc Type: Bug Fix
Doc Text:
Cause: Passing non-numeric arguments for opcontrol options that require numerical arguments (--buffer-size, --buffer-watershed,--cpu-buffer-size, and --callgraph) would be written to /dev/oprofile files as is. Consequence: opcontrol would write bogus values as-is to /dev/oprofile files. Fix: Numeric argument checking added to opcontrol. Result: opcontrol will report illegal non-numeric argument rather than blindly writing them to /dev/oprofile files.
Clone Of:
Environment:
Last Closed: 2011-05-19 13:06:38 UTC
Target Upstream Version:
Embargoed:


Attachments (Terms of Use)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2011:0566 0 normal SHIPPED_LIVE oprofile bug fix and enhancement update 2011-05-18 17:57:08 UTC

Description Petr Muller 2010-05-06 15:30:02 UTC
Description of problem:
RHEL5 oprofile did not allow the value for --cpu-buffer-size for be invalid (albeit maybe accidentally - see the additional info below). The parameter is supposed to be a number. RHEL6 oprofile accepts negative values and even a totally bogus value:

opcontrol --deinit; opcontrol --start --no-vmlinux --cpu-buffer-size=GGHHGGNEE
opcontrol --deinit; opcontrol --start --no-vmlinux --cpu-buffer-size=-20

Oprofile starts without any problem. When using --verbose, you can see that oprofile doesn't sanitize the value:

(...)
CPU_BUF_SIZE -20
(...)

However, oprofile does not seem to be misbehaving with this input, so perhaps the values are sanitized (or ignored) somewhere later. But IMO it would be good to actively refuse bogus arguments.

Version-Release number of selected component (if applicable):
oprofile-0.9.6-4.el6

How reproducible:
always

Steps to Reproduce:
1. opcontrol --start --no-vmlinux --cpu-buffer-size=GGHHGGNEE
  
Actual results:
oprofile starts

Expected results:
oprofile refuses to start, or at least issues a warning

Additional info:
RHEL5 oprofile's behavior:

# opcontrol --start --no-vmlinux --cpu-buffer-size=gghdgs
Using default event: CPU_CLK_UNHALTED:100000:0:1:1
Using 2.6+ OProfile kernel interface.
Failed to open profile device: Cannot allocate memory
Couldn't start oprofiled.
Check the log file "/var/lib/oprofile/samples/oprofiled.log" and kernel syslog

The failure to start seems to be caused by active refusal from some internal memory allocation function which was passed wrong parameters, than some real sanity check.

Comment 2 Florian Nadge 2011-02-03 11:53:27 UTC
Please be so kind and add a few key words to the Technical Note field of this
Bugzilla entry using the following structure:

Cause:

Consequence:

Fix:

Result:


For details, see:
https://bugzilla.redhat.com/page.cgi?id=fields.html#cf_release_notes

Thanks

Comment 3 Florian Nadge 2011-02-03 11:53:27 UTC
    Technical note added. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    New Contents:
Cause:

Consequence:

Fix:

Result:

Comment 4 William Cohen 2011-02-03 15:10:20 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,7 +1,7 @@
-Cause:
+Cause: Using non-numeric arguments for opcontrol options that require numerical arguments (--buffer-size, --buffer-watershed,--cpu-buffer-size, and --callgraph)
 
-Consequence:
+Consequence: opcontrol would write bogus values to /dev/oprofile files.
 
-Fix:
+Fix: Add argument checking to opcontrol
 
-Result:+Result: opcontrol will report illegal argument rather than blindly writing them to /dev/oprofile files.

Comment 5 William Cohen 2011-02-03 15:13:50 UTC
    Technical note updated. If any revisions are required, please edit the "Technical Notes" field
    accordingly. All revisions will be proofread by the Engineering Content Services team.
    
    Diffed Contents:
@@ -1,7 +1,7 @@
-Cause: Using non-numeric arguments for opcontrol options that require numerical arguments (--buffer-size, --buffer-watershed,--cpu-buffer-size, and --callgraph)
+Cause: Passing non-numeric arguments for opcontrol options that require numerical arguments (--buffer-size, --buffer-watershed,--cpu-buffer-size, and --callgraph) would be written to /dev/oprofile files as is.
 
-Consequence: opcontrol would write bogus values to /dev/oprofile files.
+Consequence: opcontrol would write bogus values as-is to /dev/oprofile files.
 
-Fix: Add argument checking to opcontrol
+Fix: Numeric argument checking added to opcontrol.
 
-Result: opcontrol will report illegal argument rather than blindly writing them to /dev/oprofile files.+Result: opcontrol will report illegal non-numeric argument rather than blindly writing them to /dev/oprofile files.

Comment 7 errata-xmlrpc 2011-05-19 13:06:38 UTC
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on therefore solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.

http://rhn.redhat.com/errata/RHBA-2011-0566.html


Note You need to log in before you can comment on or make changes to this bug.