A mirror of Man pages
Go to file
Cyril Hrubis 108e40cccb ioctl_list.2: BLKRASET/BLKRAGET take unsigned long
The BLKRASET/BLKRAGET ioctls() take unsigned long, if I pass int * to
the BLKRAGET ioctl on x86_64 (or on any other arch where sizeof(int) !=
sizeof(long)) the BLKRAGET ioctl will rewrite four bytes on the stack.

If you look at block/ioctl.c in kernel sources you can clearly see that
BLKRAGET ioctl calls put_long().

Compile following reproducer and run it as ./a.out /dev/sda, you can see
that the second member of the array will be zeroed. If you change the
array to have only one member you will see stack smashing trace.

I also wonder if it's OK to pass int value to ioctl() at all, the arg
value seems to be unsigned long in the syscall definition in fs/ioctl.c
and there does not seem to be any glibc magic around the syscall.

-------------------------8<----------------------------

static int fd;

int main(int argc, char *argv[])
{
	int ra[] = {100, 100};

	fd = open(argv[1], O_RDONLY);
	if (fd < 0) {
		perror("open");
		return 1;
	}

	ioctl(fd, BLKRAGET, ra);

	fprintf(stderr, "%i %i\n", ra[0], ra[1]);

	return 0;
}

-------------------------8<----------------------------

Reviewed-by: Arnd Bergmann <arnd@arndb.de>
Signed-off-by: Cyril Hrubis <chrubis@suse.cz>
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
2017-04-10 16:16:04 +02:00
man1 localedef.1: ffix 2017-03-26 13:02:52 +02:00
man2 ioctl_list.2: BLKRASET/BLKRAGET take unsigned long 2017-04-10 16:16:04 +02:00
man3 getentropy.3: Some improvements to Nikos Mavrogiannopoulos's patch 2017-04-10 14:10:11 +02:00
man4 ioctl.2, ioctl_console.2, select_tut.2, termios.3, tty.4, pty.7, termio.7: Change page cross-references from tty_ioctl(4) to ioctl_tty(2) 2017-03-29 12:30:50 +02:00
man5 nsswitch.conf.5: Mention sudoers 2017-04-10 13:47:50 +02:00
man6 getent.1, _syscall.2, acct.2, adjtimex.2, bdflush.2, brk.2, cacheflush.2, getsid.2, getxattr.2, inotify_add_watch.2, inotify_init.2, inotify_rm_watch.2, ioperm.2, ipc.2, listxattr.2, mlock.2, modify_ldt.2, mremap.2, nanosleep.2, outb.2, perf_event_open.2, ptrace.2, removexattr.2, s390_runtime_instr.2, sched_get_priority_max.2, sched_rr_get_interval.2, sched_setaffinity.2, sched_setparam.2, sched_setscheduler.2, sched_yield.2, setsid.2, setxattr.2, socketcall.2, unimplemented.2, aio_cancel.3, aio_error.3, aio_fsync.3, aio_read.3, aio_return.3, aio_suspend.3, aio_write.3, cfree.3, crypt.3, dlopen.3, encrypt.3, errno.3, fenv.3, ftime.3, ftw.3, getgrent_r.3, getpass.3, getpwent_r.3, getutent.3, hsearch.3, lio_listio.3, lockf.3, login.3, longjmp.3, perror.3, printf.3, scandirat.3, setjmp.3, strfmon.3, strtoimax.3, termios.3, ttyname.3, ualarm.3, updwtmp.3, wcstoimax.3, wordexp.3, console_ioctl.4, dsp56k.4, fd.4, hd.4, intro.4, lp.4, mem.4, null.4, ram.4, rtc.4, sk98lin.4, tty.4, ttyS.4, vcs.4, filesystems.5, group.5, host.conf.5, hosts.5, intro.5, issue.5, motd.5, networks.5, nologin.5, nsswitch.conf.5, passwd.5, proc.5, protocols.5, securetty.5, shells.5, termcap.5, ttytype.5, utmp.5, intro.6, armscii-8.7, ascii.7, bootparam.7, cp1251.7, environ.7, glob.7, intro.7, iso_8859-1.7, iso_8859-10.7, iso_8859-11.7, iso_8859-13.7, iso_8859-14.7, iso_8859-15.7, iso_8859-16.7, iso_8859-2.7, iso_8859-3.7, iso_8859-4.7, iso_8859-5.7, iso_8859-6.7, iso_8859-7.7, iso_8859-8.7, iso_8859-9.7, koi8-r.7, koi8-u.7, posixoptions.7, standards.7, unicode.7, utf-8.7, intro.8: s/GPLv2+_doc_full/GPLv2+_DOC_FULL/ 2013-03-10 10:57:11 +01:00
man7 environ.7: Fix name of function that honors TMPDIR 2017-04-10 13:47:50 +02:00
man8 zdump.8: Add OPTIONS section heading 2017-04-10 13:47:50 +02:00
scripts man_show_fixme.sh: Fix rendering issue 2016-12-27 09:36:23 +01:00
Changes Start of man-pages-4.11: updating Changes and Changes.old 2017-03-14 15:23:18 +01:00
Changes.old Changes.old: Fixes to 4.10 changelog 2017-03-15 06:36:53 +01:00
Makefile Makefile: Drop compression support and 'screen' target 2016-04-20 14:06:00 +02:00
README README: Explain usage of prefix when installing 2014-05-26 10:16:11 +02:00
man-pages-4.11.Announce Start of man-pages-4.11: updating .Announce and .lsm files 2017-03-14 15:23:18 +01:00
man-pages-4.11.lsm Start of man-pages-4.11: updating .Announce and .lsm files 2017-03-14 15:23:18 +01:00

README

This package contains Linux man pages for sections
2, 3, 4, 5, and 7. Some more information is given in the
`Announce' file.

Install by copying to your favourite location.
"make install" will just copy them to /usr/share/man/man[1-8].
To install to a path different from /usr use
"make install prefix=/install/path".
"make" will move the pages from this package that are older than
the already installed ones to a subdirectory `not_installed',
then remove old versions (compressed or not),
compress the pages, and copy them to /usr/share/man/man[1-8].


Note that you may have to remove preformatted pages.

Note that sometimes these pages are duplicates of pages
also distributed in other packages. This has been reported
about dlclose.3, dlerror.3, dlopen.3, dlsym.3 (found in ld.so),
about resolver.3, resolv.conf.5 (found in bind-utils),
and about passwd.5, and mailaddr.7. Be careful not to
overwrite more up-to-date versions.
Reports on further duplicates are welcome.
Formerly present and now removed duplicates:
 exports.5 (found in nfs-server-2.2*),
 fstab.5, nfs.5 (found in util-linux-2.12*),
 lilo.8, lilo.conf.5 (found in lilo-21.6*).

Copyrights: These man pages come under various copyrights.
All pages are freely distributable when the nroff source is included.

If you have corrections and additions to suggest, see
http://www.kernel.org/doc/man-pages/contributing.html