lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <20211213084829.114772-3-adrian.hunter@intel.com>
Date:   Mon, 13 Dec 2021 10:48:29 +0200
From:   Adrian Hunter <adrian.hunter@...el.com>
To:     Arnaldo Carvalho de Melo <acme@...nel.org>
Cc:     Jiri Olsa <jolsa@...hat.com>, linux-kernel@...r.kernel.org,
        Riccardo Mancini <rickyman7@...il.com>,
        Namhyung Kim <namhyung@...nel.org>
Subject: [PATCH 2/2] perf inject: Fix segfault due to perf_data__fd() without open

The fixed commit attempts to get the output file descriptor even if the
file was never opened e.g.

 $ perf record uname
 Linux
 [ perf record: Woken up 1 times to write data ]
 [ perf record: Captured and wrote 0.002 MB perf.data (7 samples) ]
 $ perf inject -i perf.data --vm-time-correlation=dry-run
 Segmentation fault (core dumped)
 $ gdb --quiet perf
 Reading symbols from perf...
 (gdb) r inject -i perf.data --vm-time-correlation=dry-run
 Starting program: /home/ahunter/bin/perf inject -i perf.data --vm-time-correlation=dry-run
 [Thread debugging using libthread_db enabled]
 Using host libthread_db library "/lib/x86_64-linux-gnu/libthread_db.so.1".

 Program received signal SIGSEGV, Segmentation fault.
 __GI___fileno (fp=0x0) at fileno.c:35
 35      fileno.c: No such file or directory.
 (gdb) bt
 #0  __GI___fileno (fp=0x0) at fileno.c:35
 #1  0x00005621e48dd987 in perf_data__fd (data=0x7fff4c68bd08) at util/data.h:72
 #2  perf_data__fd (data=0x7fff4c68bd08) at util/data.h:69
 #3  cmd_inject (argc=<optimized out>, argv=0x7fff4c69c1f0) at builtin-inject.c:1017
 #4  0x00005621e4936783 in run_builtin (p=0x5621e4ee6878 <commands+600>, argc=4, argv=0x7fff4c69c1f0) at perf.c:313
 #5  0x00005621e4897d5c in handle_internal_command (argv=<optimized out>, argc=<optimized out>) at perf.c:365
 #6  run_argv (argcp=<optimized out>, argv=<optimized out>) at perf.c:409
 #7  main (argc=4, argv=0x7fff4c69c1f0) at perf.c:539
 (gdb)

Fixes: 0ae03893623d ("perf tools: Pass a fd to perf_file_header__read_pipe()")
Cc: stable@...r.kernel.org
Signed-off-by: Adrian Hunter <adrian.hunter@...el.com>
---
 tools/perf/builtin-inject.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/tools/perf/builtin-inject.c b/tools/perf/builtin-inject.c
index af70f1c72052..409b721666cb 100644
--- a/tools/perf/builtin-inject.c
+++ b/tools/perf/builtin-inject.c
@@ -755,12 +755,16 @@ static int parse_vm_time_correlation(const struct option *opt, const char *str,
 	return inject->itrace_synth_opts.vm_tm_corr_args ? 0 : -ENOMEM;
 }
 
+static int output_fd(struct perf_inject *inject)
+{
+	return inject->in_place_update ? -1 : perf_data__fd(&inject->output);
+}
+
 static int __cmd_inject(struct perf_inject *inject)
 {
 	int ret = -EINVAL;
 	struct perf_session *session = inject->session;
-	struct perf_data *data_out = &inject->output;
-	int fd = inject->in_place_update ? -1 : perf_data__fd(data_out);
+	int fd = output_fd(inject);
 	u64 output_data_offset;
 
 	signal(SIGINT, sig_handler);
@@ -1015,7 +1019,7 @@ int cmd_inject(int argc, const char **argv)
 	}
 
 	inject.session = __perf_session__new(&data, repipe,
-					     perf_data__fd(&inject.output),
+					     output_fd(&inject),
 					     &inject.tool);
 	if (IS_ERR(inject.session)) {
 		ret = PTR_ERR(inject.session);
-- 
2.25.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ