lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 18 Oct 2012 10:17:57 +0900
From:	Hyeoncheol Lee <hyc.lee@...il.com>
To:	acme@...stprotocols.net
Cc:	LKML <linux-kernel@...r.kernel.org>,
	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>,
	Srikar Dronamraju <srikar@...ux.vnet.ibm.com>
Subject: [PATCH v2] perf probe: convert_name_to_addr() allocated the wrong size buffers for names

The function allocated wrong size buffers for names

Cc: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
Cc: Srikar Dronamraju <srikar@...ux.vnet.ibm.com>
Signed-off-by: Hyeoncheol Lee <hyc.lee@...il.com>
---
 v2: - Added a comment for MAX_ADDRNAME_LEN

 tools/perf/util/probe-event.c |   17 +++++++++++++----
 1 file changed, 13 insertions(+), 4 deletions(-)

diff --git a/tools/perf/util/probe-event.c b/tools/perf/util/probe-event.c
index 49a256e..661bbdf 100644
--- a/tools/perf/util/probe-event.c
+++ b/tools/perf/util/probe-event.c
@@ -2274,6 +2274,14 @@ int show_available_funcs(const char *target, struct strfilter *_filter,
 }
 
 /*
+ * MAX_ADDRNAME_LEN is the maximum length of a function name for uprobe_events
+ * Because each half byte is encoded in one hex character,
+ * sizeof(type)*2 is the maximum length of hexadecimal number of the type.
+ * Another 3 bytes are for "0x" and a null character
+ */
+#define MAX_ADDRNAME_LEN  (3 + sizeof(unsigned long long) * 2)
+
+/*
  * uprobe_events only accepts address:
  * Convert function and any offset to address
  */
@@ -2332,7 +2340,7 @@ static int convert_name_to_addr(struct perf_probe_event *pev, const char *exec)
 	if (!pev->group) {
 		char *ptr1, *ptr2, *exec_copy;
 
-		pev->group = zalloc(sizeof(char *) * 64);
+		pev->group = zalloc(sizeof(char) * 64);
 		exec_copy = strdup(exec);
 		if (!exec_copy) {
 			ret = -ENOMEM;
@@ -2352,14 +2360,15 @@ static int convert_name_to_addr(struct perf_probe_event *pev, const char *exec)
 		free(exec_copy);
 	}
 	free(pp->function);
-	pp->function = zalloc(sizeof(char *) * MAX_PROBE_ARGS);
+	pp->function = zalloc(sizeof(char) * MAX_ADDRNAME_LEN);
 	if (!pp->function) {
 		ret = -ENOMEM;
 		pr_warning("Failed to allocate memory by zalloc.\n");
 		goto out;
 	}
-	e_snprintf(pp->function, MAX_PROBE_ARGS, "0x%llx", vaddr);
-	ret = 0;
+	ret = e_snprintf(pp->function, MAX_ADDRNAME_LEN, "0x%llx", vaddr);
+	if (ret > 0)
+		ret = 0;
 
 out:
 	if (map) {
-- 
1.7.10.4

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ