lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Date:   Wed, 30 Oct 2019 14:10:32 +0530
From:   Chandan Rajendra <chandanrlinux@...il.com>
To:     linux-kernel@...r.kernel.org
Cc:     Chandan Rajendra <chandanrlinux@...il.com>,
        ravi.bangoria@...ux.ibm.com, peterz@...radead.org,
        mingo@...hat.com, acme@...nel.org, mark.rutland@....com,
        alexander.shishkin@...ux.intel.com, jolsa@...hat.com,
        namhyung@...nel.org, rostedt@...dmis.org, tstoyanov@...are.com,
        gregkh@...uxfoundation.org, kstewart@...uxfoundation.org,
        tglx@...utronix.de, chandan@...ux.ibm.com
Subject: [PATCH] perf script: Fix obtaining next event

The current code segfaults when perf.data file contains two or more
events. This happens due to incorrect pointer arithmetic being performed
in trace_find_next_event().

tep_handle->events is an array of pointers to 'struct tep_event'. The
pointer arithmetic interprets tep_handle->events as an array of 'struct
tep_event' elements.

This commit replaces the usage of pointer arithmetic with calls to
tep_get_event().

Fixes: bb3dd7e ("tools lib traceevent, perf tools: Move struct tep_handler definition in a local header file")
Signed-off-by: Chandan Rajendra <chandanrlinux@...il.com>
---
 tools/perf/util/trace-event-parse.c | 24 +++++++-----------------
 1 file changed, 7 insertions(+), 17 deletions(-)

diff --git a/tools/perf/util/trace-event-parse.c b/tools/perf/util/trace-event-parse.c
index 5d6bfc70b210..7bf423a3631e 100644
--- a/tools/perf/util/trace-event-parse.c
+++ b/tools/perf/util/trace-event-parse.c
@@ -176,31 +176,21 @@ int parse_event_file(struct tep_handle *pevent,
 struct tep_event *trace_find_next_event(struct tep_handle *pevent,
 					struct tep_event *event)
 {
-	static int idx;
+	int idx;
 	int events_count;
-	struct tep_event *all_events;
 
-	all_events = tep_get_first_event(pevent);
 	events_count = tep_get_events_count(pevent);
-	if (!pevent || !all_events || events_count < 1)
+	if (!pevent || events_count < 1)
 		return NULL;
 
-	if (!event) {
-		idx = 0;
-		return all_events;
-	}
+	if (!event)
+		return tep_get_event(pevent, 0);
 
-	if (idx < events_count && event == (all_events + idx)) {
-		idx++;
-		if (idx == events_count)
-			return NULL;
-		return (all_events + idx);
+	for (idx = 0; idx < events_count - 1; idx++) {
+		if (event == tep_get_event(pevent, idx))
+			return tep_get_event(pevent, idx + 1);
 	}
 
-	for (idx = 1; idx < events_count; idx++) {
-		if (event == (all_events + (idx - 1)))
-			return (all_events + idx);
-	}
 	return NULL;
 }
 
-- 
2.19.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ