x/sys/unix: on FreeBSD PtraceLwpInfoStruct, PtraceIoDesc and PtraceIO all can not be used safely #54113

aarzilli · 2022-07-28T13:58:20Z

These all represent tracee addresses as *byte which makes -d=checkptr fail and the GC occasionally barf.

The text was updated successfully, but these errors were encountered:

cherrymui · 2022-07-28T20:21:57Z

cc @ianlancetaylor @bradfitz @tklauser @golang/runtime

bcmills · 2022-07-29T14:34:35Z

(CC @golang/freebsd)

gopherbot · 2022-09-06T13:50:33Z

Change https://go.dev/cl/419915 mentions this issue: x/sys/unix: use uintptr for tracee addresses on FreeBSD

hyangah · 2022-09-06T13:54:35Z

Based on the new port policy, cl/419915 needs reviews from @golang/freebsd

gopherbot · 2023-02-07T21:47:22Z

Change https://go.dev/cl/465676 mentions this issue: unix: fix a use-after-free bug in PtraceIO on freebsd

In CL 419915, both pointer fields of the PtraceIoDesc struct were converted to type uintptr to address golang/go#54113. However, that change was overzealous: the fix needed to convert fields that refer to addresses in the child process, but the Addr field of PtraceIoDesc is not even in the child process! It is instead an address in the parent (Go) process. Go's unsafe.Pointer rules prohibit converting a Go pointer to a uintptr except when immediately converting back to an unsafe.Pointer or calling a system call. Populating a PtraceIoDesc struct is neither of those things, so converting the Addr field to uintptr introduced a use-after-free bug. This change reverts the change to the Addr field from CL 419915 and consolidates the implementation of PtraceIO to reduce the the amount of code that varies with GOARCH. This change does not address the remaining ptrace uintptr bug (golang/go#58387), which is also present in the Linux implementation. Fixes golang/go#58351. Updates golang/go#54113. For golang/go#41205. Change-Id: I14bdb4af42130aa7b4375e3f53fd1a0435f14307 Reviewed-on: https://go-review.googlesource.com/c/sys/+/465676 Auto-Submit: Bryan Mills <[email protected]> Run-TryBot: Bryan Mills <[email protected]> Reviewed-by: Ian Lance Taylor <[email protected]> TryBot-Result: Gopher Robot <[email protected]>

gopherbot added the compiler/runtime Issues related to the Go compiler and/or runtime. label Jul 28, 2022

gopherbot added this to the Unreleased milestone Jul 28, 2022

cherrymui added the NeedsInvestigation Someone must examine and confirm this is a valid issue and not a duplicate of an existing one. label Jul 28, 2022

bcmills added the OS-FreeBSD label Jul 29, 2022

mknyszek added this to Go Compiler / Runtime Aug 3, 2022

mknyszek assigned paulzhol, dmgk and ayang64 Aug 3, 2022

mknyszek moved this to Todo in Go Compiler / Runtime Aug 3, 2022

gopherbot closed this as completed in golang/sys@9e1f761 Sep 6, 2022

Repository owner moved this from Todo to Done in Go Compiler / Runtime Sep 6, 2022

bcmills mentioned this issue Feb 6, 2023

x/sys/unix: FreeBSD PtraceIO violates unsafe.Pointer rules #58351

Closed

mknyszek removed this from Go Compiler / Runtime Apr 19, 2023

golang locked and limited conversation to collaborators Feb 7, 2024

gopherbot added the FrozenDueToAge label Feb 7, 2024

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

x/sys/unix: on FreeBSD PtraceLwpInfoStruct, PtraceIoDesc and PtraceIO all can not be used safely #54113

x/sys/unix: on FreeBSD PtraceLwpInfoStruct, PtraceIoDesc and PtraceIO all can not be used safely #54113

aarzilli commented Jul 28, 2022

cherrymui commented Jul 28, 2022

bcmills commented Jul 29, 2022

gopherbot commented Sep 6, 2022

hyangah commented Sep 6, 2022

gopherbot commented Feb 7, 2023

x/sys/unix: on FreeBSD PtraceLwpInfoStruct, PtraceIoDesc and PtraceIO all can not be used safely #54113

x/sys/unix: on FreeBSD PtraceLwpInfoStruct, PtraceIoDesc and PtraceIO all can not be used safely #54113

Comments

aarzilli commented Jul 28, 2022

cherrymui commented Jul 28, 2022

bcmills commented Jul 29, 2022

gopherbot commented Sep 6, 2022

hyangah commented Sep 6, 2022

gopherbot commented Feb 7, 2023