Bug 65357 – (VM)If ptrace() modifes a page, the child program can as well.

Bug 65357 - (VM)If ptrace() modifes a page, the child program can as well.

Summary:	(VM)If ptrace() modifes a page, the child program can as well.

Status:	CLOSED CURRENTRELEASE

Aliases:	None

Product:	Red Hat Linux
Classification:	Retired
Component:	kernel (Show other bugs)
Sub Component:
Version:	7.1
Hardware:	i686 Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Arjan van de Ven
QA Contact:	Brian Brock
Docs Contact:

URL:
Whiteboard:
Keywords:

Depends On:
Blocks:
	Show dependency tree / graph

Reported:	2002-05-22 13:56 EDT by Tom Horsley
Modified:	2008-08-01 12:22 EDT (History)
CC List:	0 users

See Also:
Fixed In Version:
Doc Type:	Bug Fix
Doc Text:
Story Points:	---
Clone Of:
Environment:
Last Closed:	2004-09-30 11:39:37 EDT
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Tom Horsley 2002-05-22 13:56:19 EDT

From Bugzilla Helper:
User-Agent: Mozilla/4.0 (compatible; MSIE 5.5; Windows NT 4.0; T312461)

Description of problem:
If you are debugging a program and modify read only pages (by setting
a breakpoint, for example), then the modified pages are now writable
by the user process being debugged as well.

Version-Release number of selected component (if applicable):


How reproducible:
Always

Steps to Reproduce:
1. Compile attached bug.c program (with -g)
2. Run it and watch it segfault
3. Now run gdb on the program.
4. Set a breakpoint at *&main
5. Let the program run to the breakpoint, then continue it.
6. Watch the program run with no errors and overwrite &main.	

Actual Results:  Program does not segfault.

Expected Results:  Program should segfault. Just because it is running under
the debugger, read/execute pages should not become writable.

By the way: The /proc address map info still shows the page
as read/execute even though it really is writable after you
set the breakpoint.


Additional info:

Here is the bug.c source code (its small):

  #include <stdio.h>

  int
  main(int argc, char ** argv) {
     int * mainprog = ((int *)(void *)&main);
     printf("Main program starts at %#x\n", mainprog);
     printf("First word looks like 0x%08x\n", *mainprog);
     printf("About to try writing on it...\n");
     fflush(stdout);
     *mainprog = 0xdeadbeef;
     printf("First word now looks like 0x%08x\n", *mainprog);
     fflush(stdout);
     return 0;
  }

Comment 1 Arjan van de Ven 2002-05-22 14:30:59 EDT

Since ptrace changes quite a bit per kernel version, could you specify which
kernel version(s) you have tested ?

Comment 2 Tom Horsley 2002-05-22 14:49:46 EDT

I tried several different linux systems, and it failed on all of
them (including a 2.4.18 kernel we have some custom mods in).
The redhat 7.1 system it failed on first is running 2.4.9-21.

Comment 3 Bugzilla owner 2004-09-30 11:39:37 EDT

Thanks for the bug report. However, Red Hat no longer maintains this version of
the product. Please upgrade to the latest version and open a new bug if the problem
persists.

The Fedora Legacy project (http://fedoralegacy.org/) maintains some older releases, 
and if you believe this bug is interesting to them, please report the problem in
the bug tracker at: http://bugzilla.fedora.us/

Note You need to log in before you can comment on or make changes to this bug.