lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:   Tue, 1 Jun 2021 10:23:52 -0300
From:   Arnaldo Carvalho de Melo <acme@...nel.org>
To:     Li Huafei <lihuafei1@...wei.com>
Cc:     mhiramat@...nel.org, namhyung@...nel.org, peterz@...radead.org,
        mingo@...hat.com, mark.rutland@....com,
        alexander.shishkin@...ux.intel.com, jolsa@...hat.com,
        srikar@...ux.vnet.ibm.com, fche@...hat.com, Jianlin.Lv@....com,
        linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org,
        yangjihong1@...wei.com, zhangjinhao2@...wei.com
Subject: Re: [PATCH] perf probe: Fix null pointer dereference in
 convert_variable_location()

Em Tue, Jun 01, 2021 at 05:27:50PM +0800, Li Huafei escreveu:
> If we just check whether the variable can be converted, 'tvar' should be
> a null pointer. However, the null pointer check is missing in the
> 'Constant value' execution path.
> 
> The following cases can trigger this problem:
> 
> 	$ cat test.c
> 	#include <stdio.h>

Thanks for providing the detailed analysis and test steps, I've
reproduced the problem before the patch and it now works with your
patch:

[acme@...e tmp]$ sudo perf probe -x ./test main:6
Added new event:
  probe_test:main_L6   (on main:6 in /tmp/test)

You can now use it in all perf tools, such as:

	perf record -e probe_test:main_L6 -aR sleep 1

[acme@...e tmp]$

Thanks, applied.

- Arnaldo

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ