6734 dtrace_canstore_statvar() fails for some valid static variables

Reviewed by: Dan McDonald <danmcd@omniti.com>
Approved by: Richard Lowe <richlowe@richlowe.net>

4 files changed, 67 insertions, 4 deletions

diff --git a/usr/src/cmd/dtrace/test/tst/common/scalars/tst.16kglobal.d b/usr/src/cmd/dtrace/test/tst/common/scalars/tst.16kglobal.d
new file mode 100644
index 0000000000..8a5d1cd3a0
--- /dev/null
+++ b/usr/src/cmd/dtrace/test/tst/common/scalars/tst.16kglobal.d
@@ -0,0 +1,32 @@
+/*
+ * This file and its contents are supplied under the terms of the
+ * Common Development and Distribution License ("CDDL"), version 1.0.
+ * You may only use this file in accordance with the terms of version
+ * 1.0 of the CDDL.
+ *
+ * A full copy of the text of the CDDL should have accompanied this
+ * source.  A copy of the CDDL is also available via the Internet at
+ * http://www.illumos.org/license/CDDL.
+ */
+
+/*
+ * Copyright (c) 2016, Joyent, Inc. All rights reserved.
+ */
+
+#pragma D option strsize=16k
+
+char *k;
+
+BEGIN
+{
+	j = probeprov;
+	k = j;
+	k[0] = 'D';
+	k[1] = 'T';
+}
+
+BEGIN
+{
+	trace(stringof(k));
+	exit(k == "DTrace" ? 0 : 1);
+}
diff --git a/usr/src/cmd/dtrace/test/tst/common/scalars/tst.16klocal.d b/usr/src/cmd/dtrace/test/tst/common/scalars/tst.16klocal.d
new file mode 100644
index 0000000000..930520c235
--- /dev/null
+++ b/usr/src/cmd/dtrace/test/tst/common/scalars/tst.16klocal.d
@@ -0,0 +1,29 @@
+/*
+ * This file and its contents are supplied under the terms of the
+ * Common Development and Distribution License ("CDDL"), version 1.0.
+ * You may only use this file in accordance with the terms of version
+ * 1.0 of the CDDL.
+ *
+ * A full copy of the text of the CDDL should have accompanied this
+ * source.  A copy of the CDDL is also available via the Internet at
+ * http://www.illumos.org/license/CDDL.
+ */
+
+/*
+ * Copyright (c) 2016, Joyent, Inc. All rights reserved.
+ */
+
+#pragma D option strsize=16k
+
+BEGIN
+{
+	this->j = probeprov;
+	this->j[0] = 'D';
+	this->j[1] = 'T';
+}
+
+BEGIN
+{
+	trace(this->j);
+	exit(this->j == "DTrace" ? 0 : 1);
+}
diff --git a/usr/src/pkg/manifests/system-dtrace-tests.mf b/usr/src/pkg/manifests/system-dtrace-tests.mf
index 74edb5b47f..8afe5cccb6 100644
--- a/usr/src/pkg/manifests/system-dtrace-tests.mf
+++ b/usr/src/pkg/manifests/system-dtrace-tests.mf
@@ -1575,6 +1575,8 @@ file path=opt/SUNWdtrt/tst/common/scalars/err.D_OP_INCOMPAT.dupttype.d \
 file path=opt/SUNWdtrt/tst/common/scalars/err.D_SYNTAX.declare.d mode=0444
 file path=opt/SUNWdtrt/tst/common/scalars/err.bigglobal.d mode=0444
 file path=opt/SUNWdtrt/tst/common/scalars/err.biglocal.d mode=0444
+file path=opt/SUNWdtrt/tst/common/scalars/tst.16kglobal.d mode=0444
+file path=opt/SUNWdtrt/tst/common/scalars/tst.16klocal.d mode=0444
 file path=opt/SUNWdtrt/tst/common/scalars/tst.basicvar.d mode=0444
 file path=opt/SUNWdtrt/tst/common/scalars/tst.basicvar.d.out mode=0444
 file path=opt/SUNWdtrt/tst/common/scalars/tst.localvar.d mode=0444
diff --git a/usr/src/uts/common/dtrace/dtrace.c b/usr/src/uts/common/dtrace/dtrace.c
index 266c55fb76..5243f0c982 100644
--- a/usr/src/uts/common/dtrace/dtrace.c
+++ b/usr/src/uts/common/dtrace/dtrace.c
@@ -599,8 +599,8 @@ dtrace_canstore_statvar(uint64_t addr, size_t sz,
 	if (nsvars == 0)
 		return (0);
 
-	maxglobalsize = dtrace_statvar_maxsize;
-	maxlocalsize = (maxglobalsize + sizeof (uint64_t)) * NCPU;
+	maxglobalsize = dtrace_statvar_maxsize + sizeof (uint64_t);
+	maxlocalsize = maxglobalsize * NCPU;
 
 	for (i = 0; i < nsvars; i++) {
 		dtrace_statvar_t *svar = svars[i];
@@ -618,8 +618,8 @@ dtrace_canstore_statvar(uint64_t addr, size_t sz,
 		 * DTrace to escalate an orthogonal kernel heap corruption bug
 		 * into the ability to store to arbitrary locations in memory.
 		 */
-		VERIFY((scope == DIFV_SCOPE_GLOBAL && size < maxglobalsize) ||
-		    (scope == DIFV_SCOPE_LOCAL && size < maxlocalsize));
+		VERIFY((scope == DIFV_SCOPE_GLOBAL && size <= maxglobalsize) ||
+		    (scope == DIFV_SCOPE_LOCAL && size <= maxlocalsize));
 
 		if (DTRACE_INRANGE(addr, sz, svar->dtsv_data, svar->dtsv_size))
 			return (1);