[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAP-5=fXWALXbbDSv9rY9DN3vRy8aynk2MQEBCbqC7drP-Xzcrg@mail.gmail.com>
Date: Thu, 25 Jan 2024 12:59:27 -0800
From: Ian Rogers <irogers@...gle.com>
To: kotborealis@...oo.ru
Cc: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>, Namhyung Kim <namhyung@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>, Jiri Olsa <jolsa@...nel.org>,
Adrian Hunter <adrian.hunter@...el.com>, linux-perf-users@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: [PATCH] perf data convert: Output empty string for null pointer
On Thu, Jan 25, 2024 at 10:44 AM <kotborealis@...oo.ru> wrote:
>
> From: Evgeny Pistun <kotborealis@...oo.ru>
>
> Providing ill-formed input to `perf data conver --to-json`
> causes it to crash with segmentaton fault. There's a bug in
> `output_json_string` functon: input string is not validated.
> This could be reproduced by crafting input that does not specify
> hostname/os-release/etc, which are written to 'headers' section of
> outputted json.
>
> This patch adds a null pointer check. If `output_json_string` is
> called with a null pointer, it should output empty string (`""`).
>
> Signed-off-by: Evgeny Pistun <kotborealis@...oo.ru>
Reviewed-by: Ian Rogers <irogers@...gle.com>
Thanks,
Ian
> ---
> tools/perf/util/data-convert-json.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/data-convert-json.c b/tools/perf/util/data-convert-json.c
> index 5bb3c2ba9..f8fd22bd7 100644
> --- a/tools/perf/util/data-convert-json.c
> +++ b/tools/perf/util/data-convert-json.c
> @@ -42,7 +42,7 @@ struct convert_json {
> static void output_json_string(FILE *out, const char *s)
> {
> fputc('"', out);
> - while (*s) {
> + while (s != NULL && *s) {
> switch (*s) {
>
> // required escapes with special forms as per RFC 8259
> --
> 2.25.1
>
Powered by blists - more mailing lists