lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-ID: <20190214102238.nobo5vfsvmlyjyhv@yubo-2>
Date:   Thu, 14 Feb 2019 05:22:39 -0500
From:   YU Bo <tsu.yubo@...il.com>
To:     Jiri Olsa <jolsa@...hat.com>
Cc:     peterz@...radead.org, mingo@...hat.com, acme@...nel.org,
        alexander.shishkin@...ux.intel.com, namhyung@...nel.org,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH] perf trace: Fix potential USE_AFTER_FREE  problem

Hi,
On Thu, Feb 14, 2019 at 09:34:11AM +0100, Jiri Olsa wrote:
>On Thu, Feb 14, 2019 at 12:23:56AM -0500, Bo YU wrote:
>> From: Bo Yu <tsu.yubo@...il.com>
>>
>> There is a freed pointer "evsel", so fix it.
>>
>> Detected by CoverityScan, CID#1442595("Memory-illegalaccesses
>> (USE_AFTER_FREE)")
>> Fixes: 6ab3bc240ade4("perf trace: Support multiple "vfs_getname" probes")
>>
>> Signed-off-by: Bo Yu <tsu.yubo@...il.com>
>> ---
>>  tools/perf/builtin-trace.c | 2 +-
>>  1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/tools/perf/builtin-trace.c b/tools/perf/builtin-trace.c
>> index b36061cd1ab8..4036b20a1067 100644
>> --- a/tools/perf/builtin-trace.c
>> +++ b/tools/perf/builtin-trace.c
>> @@ -2515,7 +2515,7 @@ static size_t trace__fprintf_thread_summary(struct trace *trace, FILE *fp);
>>  static bool perf_evlist__add_vfs_getname(struct perf_evlist *evlist)
>>  {
>>  	bool found = false;
>> -	struct perf_evsel *evsel, *tmp;
>> +	struct perf_evsel *evsel = NULL, *tmp;
>
>hum, I can't see how this change could matter,
>could you pelase explain
First, this is a warning reported by CoverityScan,but in fact i do not how
to answer your question :(.
Second, if i remember right, temporary element of list_for_each_entry_safe
should be initialized with NULL otherwise it will complain via gcc.
Please correct me :)
Thanks,
>
>jirka
>
>>  	struct parse_events_error err = { .idx = 0, };
>>  	int ret = parse_events(evlist, "probe:vfs_getname*", &err);
>>
>> --
>> 2.11.0
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ