lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <5d7c9f8a-76f7-7c77-62a3-f94adc083497@intel.com>
Date:   Tue, 19 Jul 2022 13:45:56 +0300
From:   Adrian Hunter <adrian.hunter@...el.com>
To:     Ian Rogers <irogers@...gle.com>
Cc:     Arnaldo Carvalho de Melo <acme@...nel.org>,
        Jiri Olsa <jolsa@...hat.com>,
        Namhyung Kim <namhyung@...nel.org>,
        linux-kernel@...r.kernel.org
Subject: Re: [PATCH 1/2] perf parse-events: Fix segfault when event parser
 gets an error

On 19/07/22 04:10, Ian Rogers wrote:
> On Tue, Jul 12, 2022 at 4:28 AM Adrian Hunter <adrian.hunter@...el.com> wrote:
>>
>> parse_events() is often called with parse_events_error set to NULL.
>> Make parse_events_error__handle() not segfault in that case.
>>
>> Fixes: 43eb05d06679 ("perf tests: Support 'Track with sched_switch' test for hybrid")
>> Signed-off-by: Adrian Hunter <adrian.hunter@...el.com>
>> ---
>>  tools/perf/util/parse-events.c | 14 +++++++++++---
>>  1 file changed, 11 insertions(+), 3 deletions(-)
>>
>> diff --git a/tools/perf/util/parse-events.c b/tools/perf/util/parse-events.c
>> index 7ed235740431..700c95eafd62 100644
>> --- a/tools/perf/util/parse-events.c
>> +++ b/tools/perf/util/parse-events.c
>> @@ -2391,9 +2391,12 @@ void parse_events_error__exit(struct parse_events_error *err)
>>  void parse_events_error__handle(struct parse_events_error *err, int idx,
>>                                 char *str, char *help)
>>  {
>> -       if (WARN(!str, "WARNING: failed to provide error string\n")) {
>> -               free(help);
>> -               return;
>> +       if (WARN(!str, "WARNING: failed to provide error string\n"))
>> +               goto out_free;
>> +       if (!err) {
>> +               /* Assume caller does not want message printed */
>> +               pr_debug("event syntax error: %s\n", str);
>> +               goto out_free;
> 
> 
> It feels like a simpler invariant (as done elsewhere) to have the
> caller always pass err and then in the caller to call
> parse_events_error__exit. Any reason for behavior change?

This is a bug fix. More complicated changes can be done separately,
if desired, but it is wrong to segfault here in any case.

> 
> Thanks,
> Ian
> 
>>         }
>>         switch (err->num_errors) {
>>         case 0:
>> @@ -2419,6 +2422,11 @@ void parse_events_error__handle(struct parse_events_error *err, int idx,
>>                 break;
>>         }
>>         err->num_errors++;
>> +       return;
>> +
>> +out_free:
>> +       free(str);
>> +       free(help);
>>  }
>>
>>  #define MAX_WIDTH 1000
>> --
>> 2.25.1
>>

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ