lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Message-ID: <20200608161716.GB3073@kernel.org>
Date:   Mon, 8 Jun 2020 13:17:16 -0300
From:   Arnaldo Carvalho de Melo <acme@...nel.org>
To:     gaurav singh <gaurav1086@...il.com>
Cc:     peterz@...radead.org, mingo@...hat.com, mark.rutland@....com,
        alexander.shishkin@...ux.intel.com, jolsa@...hat.com,
        namhyung@...nel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] Fix null pointer dereference in
 hists__fprintf_nr_sample_events

Em Sat, Jun 06, 2020 at 06:44:45PM -0400, gaurav singh escreveu:
> Hi,
> 
> evname is assigned if condition (evsel__is_group_event(evsel)) is true . It
> is checked for nullnuess here:
> 
>     if (evname != NULL) {
>         ret += fprintf(fp, " of event%s '%s'",
>                    evsel->core.nr_members > 1 ? "s" : "", evname);
>     }
> 
> and later on its used directly : strstr(evname, "call-graph=no")) which can
> possibly cause null pointer dereference. In order to fix this, add an an
> extra check in the if.
> 
> Please find the patch below.
> 
> Thanks and regards,
> Gaurav.

I'm applying the patch by hand, your e-mail client garbled it, I'm also
adding:

Cc: Kan Liang <kan.liang@...el.com>
Fixes: 9e207ddfa207 ("perf report: Show call graph from reference events")

Thanks,

- Arnaldo
 
> 
> From 399b3faaa5283a488f4227a13d69255e0f316d94 Mon Sep 17 00:00:00 2001
> From: Gaurav Singh <gaurav1086@...il.com>
> Date: Sat, 6 Jun 2020 18:37:17 -0400
> Subject: [PATCH] Fix null pointer dereference in
>  hists__fprintf_nr_sample_events
> 
> Signed-off-by: Gaurav Singh <gaurav1086@...il.com>
> ---
>  tools/perf/builtin-report.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tools/perf/builtin-report.c b/tools/perf/builtin-report.c
> index b63b3fb2de70..d8a45c28ba53 100644
> --- a/tools/perf/builtin-report.c
> +++ b/tools/perf/builtin-report.c
> @@ -478,7 +478,7 @@ static size_t hists__fprintf_nr_sample_events(struct
> hists *hists, struct report
>   if (rep->time_str)
>   ret += fprintf(fp, " (time slices: %s)", rep->time_str);
> 
> - if (symbol_conf.show_ref_callgraph &&
> + if (symbol_conf.show_ref_callgraph && evname != NULL &&
>      strstr(evname, "call-graph=no")) {
>   ret += fprintf(fp, ", show reference callgraph");
>   }
> -- 
> 2.17.1

-- 

- Arnaldo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ