lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20170322130624.21881-6-tommi.t.rantala@nokia.com>
Date:   Wed, 22 Mar 2017 15:06:23 +0200
From:   Tommi Rantala <tommi.t.rantala@...ia.com>
To:     Peter Zijlstra <peterz@...radead.org>,
        Ingo Molnar <mingo@...hat.com>,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>
CC:     <linux-kernel@...r.kernel.org>,
        Tommi Rantala <tommi.t.rantala@...ia.com>
Subject: [PATCH 5/6] perf utils: null terminate buf in read_ftrace_printk()

Ensure that the string that we read from the data file is null terminated.

Valgrind was complaining:

  ==31357== Invalid read of size 1
  ==31357==    at 0x4EC8C1: __strtok_r_1c (string2.h:200)
  ==31357==    by 0x4EC8C1: parse_ftrace_printk (trace-event-parse.c:161)
  ==31357==    by 0x4F82A8: read_ftrace_printk (trace-event-read.c:204)
  ==31357==    by 0x4F82A8: trace_report (trace-event-read.c:468)
  ==31357==    by 0x4CD552: process_tracing_data (header.c:1576)
  ==31357==    by 0x4D3397: perf_file_section__process (header.c:2705)
  ==31357==    by 0x4D3397: perf_header__process_sections (header.c:2488)
  ==31357==    by 0x4D3397: perf_session__read_header (header.c:2925)
  ==31357==    by 0x4E71E2: perf_session__open (session.c:32)
  ==31357==    by 0x4E71E2: perf_session__new (session.c:139)
  ==31357==    by 0x429F5D: cmd_annotate (builtin-annotate.c:472)
  ==31357==    by 0x497150: run_builtin (perf.c:359)
  ==31357==    by 0x428CE0: handle_internal_command (perf.c:421)
  ==31357==    by 0x428CE0: run_argv (perf.c:467)
  ==31357==    by 0x428CE0: main (perf.c:614)
  ==31357==  Address 0x8ac0efb is 0 bytes after a block of size 1,963 alloc'd
  ==31357==    at 0x4C2DB9D: malloc (vg_replace_malloc.c:299)
  ==31357==    by 0x4F827B: read_ftrace_printk (trace-event-read.c:195)
  ==31357==    by 0x4F827B: trace_report (trace-event-read.c:468)
  ==31357==    by 0x4CD552: process_tracing_data (header.c:1576)
  ==31357==    by 0x4D3397: perf_file_section__process (header.c:2705)
  ==31357==    by 0x4D3397: perf_header__process_sections (header.c:2488)
  ==31357==    by 0x4D3397: perf_session__read_header (header.c:2925)
  ==31357==    by 0x4E71E2: perf_session__open (session.c:32)
  ==31357==    by 0x4E71E2: perf_session__new (session.c:139)
  ==31357==    by 0x429F5D: cmd_annotate (builtin-annotate.c:472)
  ==31357==    by 0x497150: run_builtin (perf.c:359)
  ==31357==    by 0x428CE0: handle_internal_command (perf.c:421)
  ==31357==    by 0x428CE0: run_argv (perf.c:467)
  ==31357==    by 0x428CE0: main (perf.c:614)

Signed-off-by: Tommi Rantala <tommi.t.rantala@...ia.com>
---
 tools/perf/util/trace-event-read.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/tools/perf/util/trace-event-read.c b/tools/perf/util/trace-event-read.c
index 2742015..04605c0 100644
--- a/tools/perf/util/trace-event-read.c
+++ b/tools/perf/util/trace-event-read.c
@@ -192,7 +192,7 @@ static int read_ftrace_printk(struct pevent *pevent)
 	if (!size)
 		return 0;
 
-	buf = malloc(size);
+	buf = malloc(size+1);
 	if (buf == NULL)
 		return -1;
 
@@ -201,6 +201,8 @@ static int read_ftrace_printk(struct pevent *pevent)
 		return -1;
 	}
 
+	buf[size] = '\0';
+
 	parse_ftrace_printk(pevent, buf, size);
 
 	free(buf);
-- 
2.9.3

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ