| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 3 Sep 2020 15:41:23 -0300
From: Arnaldo Carvalho de Melo <acme@...nel.org>
To: Ian Rogers <irogers@...gle.com>
Cc: Namhyung Kim <namhyung@...nel.org>, Jiri Olsa <jolsa@...hat.com>,
William Cohen <wcohen@...hat.com>,
Ingo Molnar <mingo@...nel.org>,
Peter Zijlstra <a.p.zijlstra@...llo.nl>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Stephane Eranian <eranian@...gle.com>,
LKML <linux-kernel@...r.kernel.org>,
Andi Kleen <andi@...stfloor.org>,
John Garry <john.garry@...wei.com>,
Kajol Jain <kjain@...ux.ibm.com>
Subject: Re: [PATCH] perf jevents: Fix suspicious code in fixregex()
Em Thu, Sep 03, 2020 at 10:47:39AM -0700, Ian Rogers escreveu:
> On Thu, Sep 3, 2020 at 8:25 AM Namhyung Kim <namhyung@...nel.org> wrote:
> > The new string should have enough space for the original string and
> > the back slashes IMHO.
> > Cc: John Garry <john.garry@...wei.com>
> > Cc: Kajol Jain <kjain@...ux.ibm.com>
> > Cc: Ian Rogers <irogers@...gle.com>
> > Signed-off-by: Namhyung Kim <namhyung@...nel.org>
>
> Reviewed-by: Ian Rogers <irogers@...gle.com>
>
> Definitely looks like the right fix. I'm surprised this hasn't shown
> up in sanitizer testing.
Yeap, good catch! Namyung you forgot to add the Fixes tag + Cc the patch
author that introduced that bug, I did it:
Cc: William Cohen <wcohen@...hat.com>
Fixes: fbc2844e84038ce3 ("perf vendor events: Use more flexible pattern matching for CPU identification for mapfile.csv"
Please consider doing it next time :-)
Thanks a lot!
- Arnaldo
> Thanks,
> Ian
>
> > ---
> > tools/perf/pmu-events/jevents.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tools/perf/pmu-events/jevents.c b/tools/perf/pmu-events/jevents.c
> > index fa86c5f997cc..fc9c158bfa13 100644
> > --- a/tools/perf/pmu-events/jevents.c
> > +++ b/tools/perf/pmu-events/jevents.c
> > @@ -137,7 +137,7 @@ static char *fixregex(char *s)
> > return s;
> >
> > /* allocate space for a new string */
> > - fixed = (char *) malloc(len + 1);
> > + fixed = (char *) malloc(len + esc_count + 1);
> > if (!fixed)
> > return NULL;
> >
> > --
> > 2.28.0.402.g5ffc5be6b7-goog
> >
--
- Arnaldo
Powered by blists - more mailing lists