lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 10 Jul 2020 22:11:23 +0900 From: Masami Hiramatsu <mhiramat@...nel.org> To: Arnaldo Carvalho de Melo <acme@...nel.org>, Arnaldo Carvalho de Melo <acme@...hat.com> Cc: Oleg Nesterov <oleg@...hat.com>, Srikar Dronamraju <srikar@...ux.vnet.ibm.com>, linux-kernel@...r.kernel.org, mhiramat@...nel.org, Andi Kleen <andi@...stfloor.org>, Andi Kleen <ak@...ux.intel.com> Subject: [PATCH v2 3/4] perf-probe: Fix memory leakage when the probe point is not found Fix the memory leakage in debuginfo__find_trace_events() when the probe point is not found in the debuginfo. If there is no probe point found in the debuginfo, debuginfo__find_probes() will NOT return -ENOENT, but 0. Thus the caller of debuginfo__find_probes() must check the tf.ntevs and release the allocated memory for the array of struct probe_trace_event. The current code releases the memory only if the debuginfo__find_probes() hits an error but not checks tf.ntevs. In the result, the memory allocated on *tevs are not released if tf.ntevs == 0. This fixes the memory leakage by checking tf.ntevs == 0 in addition to ret < 0. Fixes: ff741783506c ("perf probe: Introduce debuginfo to encapsulate dwarf information") Cc: stable@...r.kernel.org Signed-off-by: Masami Hiramatsu <mhiramat@...nel.org> Reviewed-by: Srikar Dronamraju <srikar@...ux.vnet.ibm.com> --- tools/perf/util/probe-finder.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tools/perf/util/probe-finder.c b/tools/perf/util/probe-finder.c index 9963e4e8ea20..659024342e9a 100644 --- a/tools/perf/util/probe-finder.c +++ b/tools/perf/util/probe-finder.c @@ -1467,7 +1467,7 @@ int debuginfo__find_trace_events(struct debuginfo *dbg, if (ret >= 0 && tf.pf.skip_empty_arg) ret = fill_empty_trace_arg(pev, tf.tevs, tf.ntevs); - if (ret < 0) { + if (ret < 0 || tf.ntevs == 0) { for (i = 0; i < tf.ntevs; i++) clear_probe_trace_event(&tf.tevs[i]); zfree(tevs);
Powered by blists - more mailing lists