Commit
e65e90520a5625405f5ab3467701e5bc429540f9
by Bernd HufmannPerform validation before reading new data for FTrace header parser
According to OWASP 2021 top 10 list [1], injection attacks are the third
most common type of cyber attack in 2021. When parsing a specific
section in the binary Ftrace header, the parser needs to read the
section size, then use this value as the limit to read the content of
the section. One can take advantage of this by modifying the section
sizes to go out of the trace size limit, thus gaining access into
unrelated memory locations.
This commit adds a security layer for the Ftrace header parser. It
ensures that the parser will not go out of bound by comparing the
expected different sections with the binary FTrace format and file size.
[1] https://owasp.org/Top10/
Change-Id: I561c94838324b0c5da86401d7405081ef29affbe
Signed-off-by: Hoang Thuan Pham <hoang.pham@calian.ca>
Reviewed-on: https://git.eclipse.org/r/c/tracecompass.incubator/org.eclipse.tracecompass.incubator/+/191407
Tested-by: Trace Compass Bot <tracecompass-bot@eclipse.org>
Tested-by: Matthew Khouzam <matthew.khouzam@ericsson.com>
Tested-by: Bernd Hufmann <bernd.hufmann@ericsson.com>
Reviewed-by: Matthew Khouzam <matthew.khouzam@ericsson.com>
Reviewed-by: Bernd Hufmann <bernd.hufmann@ericsson.com>
![[Jenkins]](/tracecompass/static/1fde279c/images/svgs/logo.svg){kind=logo}
