linux-kernel - Re: [PATCH v1] perf parse-events: Avoid erange from hex numbers

lists.openwall.net		lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC
Open Source and information security mailing list archives

Hash Suite: Windows password security audit tool. GUI, reports in PDF.

[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]

Message-ID: <CAP-5=fVaK2hhBTX4=zKX5Dft36RurctYEtGzsdUp6XKsjHguMw@mail.gmail.com>
Date:   Fri, 6 Oct 2023 08:29:47 -0700
From:   Ian Rogers <irogers@...gle.com>
To:     Peter Zijlstra <peterz@...radead.org>,
        Ingo Molnar <mingo@...hat.com>,
        Arnaldo Carvalho de Melo <acme@...nel.org>,
        Mark Rutland <mark.rutland@....com>,
        Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
        Jiri Olsa <jolsa@...nel.org>,
        Namhyung Kim <namhyung@...nel.org>,
        Ian Rogers <irogers@...gle.com>,
        Adrian Hunter <adrian.hunter@...el.com>,
        Rob Herring <robh@...nel.org>,
        linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1] perf parse-events: Avoid erange from hex numbers

On Thu, Sep 7, 2023 at 2:05 PM Ian Rogers <irogers@...gle.com> wrote:
>
> We specify that a "num_hex" comprises 1 or more digits, however, that
> allows strtoull to fail with ERANGE. Limit the number of hex digits to
> being between 1 and 16.
>
> Before:
> ```
> $ perf stat -e 'cpu/rE7574c47490475745/' true
> perf: util/parse-events.c:215: fix_raw: Assertion `errno == 0' failed.
> Aborted (core dumped)
> ```
>
> After:
> ```
> $ perf stat -e 'cpu/rE7574c47490475745/' true
> event syntax error: 'cpu/rE7574c47490475745/'
>                          \___ Bad event or PMU
>
> Unable to find PMU or event on a PMU of 'cpu'
>
> Initial error:
> event syntax error: 'cpu/rE7574c47490475745/'
>                          \___ unknown term 'rE7574c47490475745' for pmu 'cpu'
>
> valid terms: event,pc,edge,offcore_rsp,ldlat,inv,umask,frontend,cmask,config,config1,config2,config3,name,period,percore,metric-id
> Run 'perf list' for a list of valid events
>
>  Usage: perf stat [<options>] [<command>]
>
>     -e, --event <event>   event selector. use 'perf list' to list available events
> ```
>
> Issue found through fuzz testing.
>
> Signed-off-by: Ian Rogers <irogers@...gle.com>

Hi, would be nice to land this.

Thanks!
Ian

> ---
>  tools/perf/util/parse-events.l | 4 ++--
>  1 file changed, 2 insertions(+), 2 deletions(-)
>
> diff --git a/tools/perf/util/parse-events.l b/tools/perf/util/parse-events.l
> index 4ef4b6f171a0..f7df52b22c39 100644
> --- a/tools/perf/util/parse-events.l
> +++ b/tools/perf/util/parse-events.l
> @@ -156,8 +156,8 @@ event_pmu   [^,{}/]+[/][^/]*[/][^,{}/]*
>  event          [^,{}/]+
>
>  num_dec                [0-9]+
> -num_hex                0x[a-fA-F0-9]+
> -num_raw_hex    [a-fA-F0-9]+
> +num_hex                0x[a-fA-F0-9]{1,16}
> +num_raw_hex    [a-fA-F0-9]{1,16}
>  name           [a-zA-Z_*?\[\]][a-zA-Z0-9_*?.\[\]!\-]*
>  name_tag       [\'][a-zA-Z_*?\[\]][a-zA-Z0-9_*?\-,\.\[\]:=]*[\']
>  name_minus     [a-zA-Z_*?][a-zA-Z0-9\-_*?.:]*
> --
> 2.42.0.283.g2d96d420d3-goog
>