From eec7b161c552a24c5122b7623d2e9a9a44c44a8c Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 17:33:03 +0800 Subject: [PATCH 01/14] source/sysak.c: Fix ANVD-2024-080802 Signed-off-by: Liu Hailong --- source/sysak.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/source/sysak.c b/source/sysak.c index 67e0db5d..65ea9b51 100644 --- a/source/sysak.c +++ b/source/sysak.c @@ -258,6 +258,11 @@ static int down_install_ext_tools(const char *tool) char rule[LINE_BUFF_LEN]; char *pstr; + char *ppos = strchr(tool,';'); + if (ppos) { + printf("The *;* is not allowd in args \n"); + return -1; + } sprintf(download_cmd, "wget %s/sysak/ext_tools/%s/%s/rule -P %s &>/dev/null", sysak_components_server, machine, tool, tools_path); //printf("%s ... \n", download_cmd); -- Gitee From 3e20df5fe585db8c0a659edb0e855e69fd6e4b1a Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 17:54:04 +0800 Subject: [PATCH 02/14] =?UTF-8?q?source/sysak.c:=20=E4=BF=AE=E5=A4=8D=20AN?= =?UTF-8?q?VD-2024-080701=20sysak=20tool=5Fexe=E7=BC=93=E5=86=B2=E5=8C=BA?= =?UTF-8?q?=E6=BA=A2=E5=87=BA=E6=BC=8F=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/sysak.c | 11 ++++++++--- 1 file changed, 8 insertions(+), 3 deletions(-) diff --git a/source/sysak.c b/source/sysak.c index 65ea9b51..e5b23d6b 100644 --- a/source/sysak.c +++ b/source/sysak.c @@ -578,9 +578,14 @@ static int exectue(int argc, char *argv[]) if (run_depend[0]) add_python_depend(run_depend, subcmd_name); - else - strncpy(tools_exec, subcmd_name, strlen(subcmd_name)); - + else { + size_t len = strlen(subcmd_name); + if (len >= sizeof(tools_exec)) { + len = sizeof(tools_exec) - 1; + } + strncpy(tools_exec, subcmd_name, len); + tools_exec[len] = '\0'; + } snprintf(subcmd_exec_final, sizeof(subcmd_exec_final), "%s;%s", sysak_work_path, tools_exec); ret = my_system(subcmd_exec_final); if (ret < 0) -- Gitee From c49b192996e73029e2e7af1eeea978f5d21b23f8 Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 17:55:47 +0800 Subject: [PATCH 03/14] =?UTF-8?q?hw=5Fevent:=E4=BF=AE=E5=A4=8DANVD-2024-08?= =?UTF-8?q?0901=20pmu/hw=5Fevent=E5=91=BD=E4=BB=A4=E6=89=A7=E8=A1=8C?= =?UTF-8?q?=E6=BC=8F=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/tools/detect/pmu/hw_event/hw_event.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source/tools/detect/pmu/hw_event/hw_event.c b/source/tools/detect/pmu/hw_event/hw_event.c index 6b79f506..aa490294 100644 --- a/source/tools/detect/pmu/hw_event/hw_event.c +++ b/source/tools/detect/pmu/hw_event/hw_event.c @@ -169,6 +169,7 @@ int main(int argc, char *argv[]) path = origpath; for (;;) { FILE *result; + char *ppos; c = getopt_long(argc, argv, "c:s:h", NULL, &option_index); if (c == -1) break; @@ -177,6 +178,11 @@ int main(int argc, char *argv[]) case 'c': memset(cmd, 0, sizeof(cmd)); memset(buffer, 0, sizeof(buffer)); + ppos = strchr(optarg,';'); + if (ppos) { + printf("The *;* is not allowd in args \n"); + return -1; + } snprintf(cmd, sizeof(cmd)-1, "docker inspect --format \"{{ .Id}}\" %s", optarg); result = popen(cmd, "r"); -- Gitee From 93b573243a3eec2bd208d7311bbb3b115d99fd69 Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 18:03:40 +0800 Subject: [PATCH 04/14] =?UTF-8?q?source/sysak.c:=20=E4=BF=AE=E5=A4=8DANVD-?= =?UTF-8?q?2024-080702=20kern=5Fversion=20=E7=BC=93=E5=86=B2=E5=8C=BA?= =?UTF-8?q?=E6=BA=A2=E5=87=BA=E6=BC=8F=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/sysak.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/source/sysak.c b/source/sysak.c index e5b23d6b..947fea1f 100644 --- a/source/sysak.c +++ b/source/sysak.c @@ -127,8 +127,10 @@ static void kern_release(void) printf("cannot get system version\n"); return; } - strncpy(kern_version, name.release, sizeof(name.release)); - strncpy(machine, name.machine, sizeof(name.machine)); + strncpy(kern_version, name.release, sizeof(kern_version) - 1); + kern_version[sizeof(kern_version) - 1] = '\0'; + strncpy(machine, name.machine, sizeof(machine) - 1); + machine[sizeof(machine) - 1] = '\0'; } static int mod_ctrl(bool enable) -- Gitee From c4eec008e54c7f395e824a0156bdcb6a878ee16d Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 18:25:37 +0800 Subject: [PATCH 05/14] =?UTF-8?q?kcore=5Futils:=20=E4=BF=AE=E5=A4=8DANVD-2?= =?UTF-8?q?024-080705=20kcore=5Futils=E7=BC=93=E5=86=B2=E5=8C=BA=E6=BA=A2?= =?UTF-8?q?=E5=87=BA=E6=BC=8F=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/lib/uapi/kcore_utils.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/lib/uapi/kcore_utils.c b/source/lib/uapi/kcore_utils.c index e58b45c2..0471bc02 100644 --- a/source/lib/uapi/kcore_utils.c +++ b/source/lib/uapi/kcore_utils.c @@ -249,7 +249,7 @@ static int download_btf() strcat(sysak_path, kernel); } - snprintf(dw, LEN + LEN + LEN, "wget -T 5 -t 2 -q -O %s/vmlinux-%s https://sysom-cn-%s.oss-cn-%s%s.aliyuncs.com/home/hive/btf/%s/vmlinux-%s", sysak_path, kernel, ®ion[3],®ion[3], timeout,arch, kernel); + snprintf(dw, sizeof(dw), "wget -T 5 -t 2 -q -O %s/vmlinux-%s https://sysom-cn-%s.oss-cn-%s%s.aliyuncs.com/home/hive/btf/%s/vmlinux-%s", sysak_path, kernel, ®ion[3],®ion[3], timeout,arch, kernel); do_cmd(dw, kernel, LEN); return 0; @@ -292,4 +292,4 @@ char *prepare_btf_file() } return btf; -} \ No newline at end of file +} -- Gitee From 299e938ff25d44a1343c77fdd8bd49324a99bea4 Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 18:51:48 +0800 Subject: [PATCH 06/14] =?UTF-8?q?pidComm.c:=20=E4=BF=AE=E5=A4=8DANVD-2024-?= =?UTF-8?q?080703,04=E7=BC=93=E5=86=B2=E5=8C=BA=E6=BA=A2=E5=87=BA=E6=BC=8F?= =?UTF-8?q?=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/lib/uapi/pidComm.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/source/lib/uapi/pidComm.c b/source/lib/uapi/pidComm.c index ef4c7337..e46fae3a 100644 --- a/source/lib/uapi/pidComm.c +++ b/source/lib/uapi/pidComm.c @@ -85,8 +85,8 @@ static inline int get_con_cgpath_bypid(char *subpath, long pid, const char* cg, if (!fp) return errno; - memset(buf_512, 0, 1024); - while(fgets(buf_512, 1024, fp)) { + memset(buf_512, 0, sizeof(buf_512)); + while(fgets(buf_512, sizeof(buf_512), fp)) { size_t len; char *token; if((token = strstr(buf_512, cg)) != NULL) { -- Gitee From a3850e801a55198c66c51e9ead17bfb0929550af Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 19:06:53 +0800 Subject: [PATCH 07/14] =?UTF-8?q?mservice/mod=5Fpercpu.c:=E4=BF=AE?= =?UTF-8?q?=E5=A4=8DANVD-2024-081005=20mservice=E5=86=85=E5=AD=98=E6=B3=84?= =?UTF-8?q?=E6=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/tools/monitor/mservice/master/modules/mod_percpu.c | 1 + 1 file changed, 1 insertion(+) diff --git a/source/tools/monitor/mservice/master/modules/mod_percpu.c b/source/tools/monitor/mservice/master/modules/mod_percpu.c index dd5f3180..02f7ed42 100644 --- a/source/tools/monitor/mservice/master/modules/mod_percpu.c +++ b/source/tools/monitor/mservice/master/modules/mod_percpu.c @@ -75,6 +75,7 @@ read_percpu_stats(struct module *mod) memset(buf, 0, LEN_1M); memset(&st_percpu, 0, STATS_PERCPU_SIZE); if ((fp = fopen(STAT_PATH, "r")) == NULL) { + free(nr_run); return; } memset(nr_run, 0, nr_cpus*sizeof(U_64)); -- Gitee From 698b422705aec162582818f9c7acb8193c30dd7f Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 19:08:57 +0800 Subject: [PATCH 08/14] =?UTF-8?q?json=5Fdump.c:=E4=BF=AE=E5=A4=8DANVD-2024?= =?UTF-8?q?-081006=20runlatency=E6=9C=AA=E5=AE=9A=E4=B9=89=E8=A1=8C?= =?UTF-8?q?=E4=B8=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/tools/detect/sched/runlatency/json_dump.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/tools/detect/sched/runlatency/json_dump.c b/source/tools/detect/sched/runlatency/json_dump.c index ad2a303f..5fa66dfb 100644 --- a/source/tools/detect/sched/runlatency/json_dump.c +++ b/source/tools/detect/sched/runlatency/json_dump.c @@ -49,7 +49,7 @@ int clear_file(char *path) int parse_dump(char *file) { char *s; - int ret; + int ret = 0; FILE *outf = NULL; s = malloc(STREAM_SIZE); -- Gitee From fe609f98349da8e4645368a46d952621456e07aa Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 19:13:11 +0800 Subject: [PATCH 09/14] =?UTF-8?q?sysak.c:=E4=BF=AE=E5=A4=8DANVD-2024-08100?= =?UTF-8?q?7=20sysak.c=E8=B5=84=E6=BA=90=E6=BC=8F=E6=B3=84?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/sysak.c | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/source/sysak.c b/source/sysak.c index 947fea1f..748b08fb 100644 --- a/source/sysak.c +++ b/source/sysak.c @@ -222,12 +222,16 @@ static bool get_module_tag(void) pstr += strlen("sysak_module_tag="); strcpy(module_tag, pstr); strim(module_tag); - if (strlen(module_tag) == 0) + if (strlen(module_tag) == 0) { + fclose(fp); return false; + } + fclose(fp); return true; } } + fclose(fp); return false; } -- Gitee From 17f1df2a155e63d58b43ff405ecfe73c99513414 Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 19:18:08 +0800 Subject: [PATCH 10/14] =?UTF-8?q?syshung=5Fdetector.c:=E4=BF=AE=E5=A4=8DAN?= =?UTF-8?q?VD-2024-081008,9,10=20syshung=5Fdetector=E8=B5=84=E6=BA=90?= =?UTF-8?q?=E6=B3=84=E6=BC=8F?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- .../tools/detect/generic/syshung_detector/syshung_detector.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source/tools/detect/generic/syshung_detector/syshung_detector.c b/source/tools/detect/generic/syshung_detector/syshung_detector.c index 2e1168ff..da44eca2 100644 --- a/source/tools/detect/generic/syshung_detector/syshung_detector.c +++ b/source/tools/detect/generic/syshung_detector/syshung_detector.c @@ -165,6 +165,7 @@ static bool load_detect(char *path) if ((long)load_avg_1 >= (LOAD_CPUS_SCALE * smp_num_cpus) / 2){ g_syshung.hung_class = NORMAL_FAULT; g_syshung.event = HU_HIGHLOAD; + fclose(fp); return TRUE; } fclose(fp); @@ -185,7 +186,7 @@ static int calc_taskcount(char *path,int *count) if (strstr(buf,"Name:")) *count++; } - + fclose(fp); } static bool dztask_detect(void) @@ -436,6 +437,7 @@ static int data_storage(char *src, char *dst) fp_dst = fopen(dst, "a+"); if (!fp_dst){ + fclose(fp_src); printf("open %s failed\n", dst); return -1; } -- Gitee From 64b89e2be5886d22eac51dfc97f62adf0ab22042 Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 19:24:53 +0800 Subject: [PATCH 11/14] =?UTF-8?q?kmsg.c:=E4=BF=AE=E5=A4=8DANVD-2024-081011?= =?UTF-8?q?=20unity\test=E6=95=B0=E7=BB=84=E8=B6=8A=E7=95=8C?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/tools/monitor/unity/test/lab/kmsg/kmsg.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/source/tools/monitor/unity/test/lab/kmsg/kmsg.c b/source/tools/monitor/unity/test/lab/kmsg/kmsg.c index 613fa03c..f0b5a540 100644 --- a/source/tools/monitor/unity/test/lab/kmsg/kmsg.c +++ b/source/tools/monitor/unity/test/lab/kmsg/kmsg.c @@ -67,6 +67,8 @@ int kmsg_thread_func(void) { perror("kmsg read2 failed."); goto endRead; } + if (ret == 0) + break; buff[ret -1] = '\0'; printf("read: %s\n", buff); @@ -85,4 +87,4 @@ int kmsg_thread_func(void) { int main(void) { kmsg_thread_func(); return 0; -} \ No newline at end of file +} -- Gitee From a274ae8ea93926b1045d620faed2e7e455009c12 Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 19:33:23 +0800 Subject: [PATCH 12/14] =?UTF-8?q?tcpping.c:=E4=BF=AE=E5=A4=8DANVD-2024-081?= =?UTF-8?q?302=20tcpping=20=E5=B7=A5=E5=85=B7=E6=BC=8F=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/tools/detect/net/tcpping/src/tcpping.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source/tools/detect/net/tcpping/src/tcpping.c b/source/tools/detect/net/tcpping/src/tcpping.c index f1ae7556..c2dc9ac1 100644 --- a/source/tools/detect/net/tcpping/src/tcpping.c +++ b/source/tools/detect/net/tcpping/src/tcpping.c @@ -593,6 +593,8 @@ static int para_parse(int argc, char **argv) trace_para.delay = atoi(optarg); break; case 'u': + if (!is_number(optarg)) + return -1; trace_para.cpu = atoi(optarg); break; -- Gitee From 118b51a17cc75bbb22fa629bcdeaeb7f47ce1449 Mon Sep 17 00:00:00 2001 From: Liu Hailong Date: Fri, 16 Aug 2024 19:40:44 +0800 Subject: [PATCH 13/14] =?UTF-8?q?source/sysak.c:=20=E4=BF=AE=E5=A4=8DANVD-?= =?UTF-8?q?2024-081309=20=E4=BB=BB=E6=84=8F=E4=BB=A3=E7=A0=81=E6=89=A7?= =?UTF-8?q?=E8=A1=8C=E6=BC=8F=E6=B4=9E?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Liu Hailong --- source/sysak.c | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/source/sysak.c b/source/sysak.c index 748b08fb..e1e69d65 100644 --- a/source/sysak.c +++ b/source/sysak.c @@ -340,6 +340,12 @@ static int down_install(const char *component_name) char ko_file[MAX_WORK_PATH_LEN]; char btf_file[MAX_WORK_PATH_LEN]; int ret = 0; + char *ppos = strchr(component_name,';'); + if (ppos) { + printf("The *;* is not allowd in args \n"); + return -1; + } + if (!get_server_addr()) return -1; -- Gitee From 3b3076aa01fad3125e53a606cb679f91e1ec775d Mon Sep 17 00:00:00 2001 From: Hailong Liu Date: Fri, 16 Aug 2024 19:00:24 +0800 Subject: [PATCH 14/14] =?UTF-8?q?cfunc.c:=20=E4=BF=AE=E5=A4=8DANVD-2024-08?= =?UTF-8?q?1004=20ractor=E6=9C=AA=E5=AE=9A=E4=B9=89=E8=A1=8C=E4=B8=BA?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Hailong Liu --- source/tools/monitor/raptor/source/ebpf/cfunc.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source/tools/monitor/raptor/source/ebpf/cfunc.c b/source/tools/monitor/raptor/source/ebpf/cfunc.c index 374bba3f..80795f16 100644 --- a/source/tools/monitor/raptor/source/ebpf/cfunc.c +++ b/source/tools/monitor/raptor/source/ebpf/cfunc.c @@ -202,7 +202,7 @@ void cgo_ebpf_cleanup_dog(void *key, int32_t size) static int print_callback(enum libbpf_print_level level, const char *format, va_list args) { - int ret; + int ret = 0; if (env_para.debug) { ret = vfprintf(stderr, format, args); } -- Gitee