lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1426145571-3065-2-git-send-email-namhyung@kernel.org>
Date:	Thu, 12 Mar 2015 16:32:46 +0900
From:	Namhyung Kim <namhyung@...nel.org>
To:	Arnaldo Carvalho de Melo <acme@...nel.org>
Cc:	Ingo Molnar <mingo@...nel.org>,
	Peter Zijlstra <a.p.zijlstra@...llo.nl>,
	Jiri Olsa <jolsa@...hat.com>,
	LKML <linux-kernel@...r.kernel.org>,
	David Ahern <dsahern@...il.com>,
	Minchan Kim <minchan@...nel.org>,
	Joonsoo Kim <js1304@...il.com>
Subject: [PATCH 1/6] perf kmem: Fix segfault when invalid sort key is given

When it tries to free 'str', it was already updated by strsep() - so
it needs to save the original pointer.

  # perf kmem stat -s xxx,hit
    Error: Unknown --sort key: 'xxx'
  *** Error in `perf': free(): invalid pointer: 0x0000000000e9e7b6 ***
  ======= Backtrace: =========
  /usr/lib/libc.so.6(+0x7198e)[0x7fc7e6e0d98e]
  /usr/lib/libc.so.6(+0x76dee)[0x7fc7e6e12dee]
  /usr/lib/libc.so.6(+0x775cb)[0x7fc7e6e135cb]
  ./perf[0x44a1b5]
  ./perf[0x490b20]
  ./perf(parse_options_step+0x173)[0x491773]
  ./perf(parse_options_subcommand+0xa7)[0x491fb7]
  ./perf(cmd_kmem+0x2bc)[0x44ae4c]
  ./perf[0x47aa13]
  ./perf(main+0x60a)[0x427a9a]
  /usr/lib/libc.so.6(__libc_start_main+0xf0)[0x7fc7e6dbc800]
  ./perf(_start+0x29)[0x427bb9]

Signed-off-by: Namhyung Kim <namhyung@...nel.org>
---
 tools/perf/builtin-kmem.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tools/perf/builtin-kmem.c b/tools/perf/builtin-kmem.c
index f295141025bc..a0da5fb44b9e 100644
--- a/tools/perf/builtin-kmem.c
+++ b/tools/perf/builtin-kmem.c
@@ -559,6 +559,7 @@ static int setup_sorting(struct list_head *sort_list, const char *arg)
 {
 	char *tok;
 	char *str = strdup(arg);
+	char *pos = str;
 
 	if (!str) {
 		pr_err("%s: strdup failed\n", __func__);
@@ -566,7 +567,7 @@ static int setup_sorting(struct list_head *sort_list, const char *arg)
 	}
 
 	while (true) {
-		tok = strsep(&str, ",");
+		tok = strsep(&pos, ",");
 		if (!tok)
 			break;
 		if (sort_dimension__add(tok, sort_list) < 0) {
-- 
2.3.1

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ