lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 30 May 2014 15:03:03 +0900
From:	Namhyung Kim <namhyung@...il.com>
To:	Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
Cc:	linux-kernel@...r.kernel.org,
	Arnaldo Carvalho de Melo <acme@...nel.org>,
	Jiri Olsa <jolsa@...hat.com>, Ingo Molnar <mingo@...hat.com>,
	Paul Mackerras <paulus@...ba.org>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>
Subject: Re: [PATCH -tip/urgent ] [BUGFIX] perf/probe: Fix a segfault if asked for variable it doesn't find

Hi Masami,

On Thu, 29 May 2014 19:52:32 +0900, Masami Hiramatsu wrote:
> Fix a segfault bug by asking for variable it doesn't find.
> Since the convert_variable() didn't handle error code returned
> from convert_variable_location(), it just passed an incomplete
> variable field and then a segfault was occured when formatting
> the field.
>
> This fixes that bug by handling success code correctly in
> convert_variable(). Other callers of convert_variable_location()
> are correctly checking the return code.
>
> This bug was introduced by following commit. But another hidden
> erroneous error handling has been there previuosly (-ENOMEM case).

And -ERANGE too.. :)

Thanks,
Namhyung

>
>  commit 3d918a12a1b3088ac16ff37fa52760639d6e2403
>
> Signed-off-by: Masami Hiramatsu <masami.hiramatsu.pt@...achi.com>
> Reported-by: Arnaldo Carvalho de Melo <acme@...nel.org>
> Cc: Peter Zijlstra <a.p.zijlstra@...llo.nl>
> Cc: Paul Mackerras <paulus@...ba.org>
> Cc: Ingo Molnar <mingo@...hat.com>
> Cc: Namhyung Kim <namhyung@...nel.org>
> Cc: Jiri Olsa <jolsa@...hat.com>
> ---
>  tools/perf/util/probe-finder.c |    4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/tools/perf/util/probe-finder.c b/tools/perf/util/probe-finder.c
> index 5627621..9d8eb26 100644
> --- a/tools/perf/util/probe-finder.c
> +++ b/tools/perf/util/probe-finder.c
> @@ -511,12 +511,12 @@ static int convert_variable(Dwarf_Die *vr_die, struct probe_finder *pf)
>  
>  	ret = convert_variable_location(vr_die, pf->addr, pf->fb_ops,
>  					&pf->sp_die, pf->tvar);
> -	if (ret == -ENOENT)
> +	if (ret == -ENOENT || ret == -EINVAL)
>  		pr_err("Failed to find the location of %s at this address.\n"
>  		       " Perhaps, it has been optimized out.\n", pf->pvar->var);
>  	else if (ret == -ENOTSUP)
>  		pr_err("Sorry, we don't support this variable location yet.\n");
> -	else if (pf->pvar->field) {
> +	else if (ret == 0 && pf->pvar->field) {
>  		ret = convert_variable_fields(vr_die, pf->pvar->var,
>  					      pf->pvar->field, &pf->tvar->ref,
>  					      &die_mem);
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ