lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date: Wed, 8 May 2024 22:32:24 -0700
From: Ian Rogers <irogers@...gle.com>
To: Namhyung Kim <namhyung@...nel.org>
Cc: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>, 
	Arnaldo Carvalho de Melo <acme@...nel.org>, Mark Rutland <mark.rutland@....com>, 
	Alexander Shishkin <alexander.shishkin@...ux.intel.com>, Jiri Olsa <jolsa@...nel.org>, 
	Adrian Hunter <adrian.hunter@...el.com>, Kan Liang <kan.liang@...ux.intel.com>, 
	James Clark <james.clark@....com>, Leo Yan <leo.yan@...ux.dev>, 
	linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1 1/4] perf ui browser: Avoid segv on title

On Wed, May 8, 2024 at 10:26 PM Namhyung Kim <namhyung@...nel.org> wrote:
>
> On Tue, May 7, 2024 at 8:53 PM Ian Rogers <irogers@...gle.com> wrote:
> >
> > If the title is NULL then it can lead to a segv.
>
> Just out of curiosity, do you know where it sets to NULL?

Yes, the fixes patch added strdup and zfree, the NULL is coming from the zfree.

Thanks,
Ian

> Thanks,
> Namhyung
>
> >
> > Fixes: 769e6a1e15bd ("perf ui browser: Don't save pointer to stack memory")
> > Signed-off-by: Ian Rogers <irogers@...gle.com>
> > ---
> >  tools/perf/ui/browser.c | 2 +-
> >  1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tools/perf/ui/browser.c b/tools/perf/ui/browser.c
> > index c4cdf2ea69b7..19503e838738 100644
> > --- a/tools/perf/ui/browser.c
> > +++ b/tools/perf/ui/browser.c
> > @@ -203,7 +203,7 @@ void ui_browser__refresh_dimensions(struct ui_browser *browser)
> >  void ui_browser__handle_resize(struct ui_browser *browser)
> >  {
> >         ui__refresh_dimensions(false);
> > -       ui_browser__show(browser, browser->title, ui_helpline__current);
> > +       ui_browser__show(browser, browser->title ?: "", ui_helpline__current);
> >         ui_browser__refresh(browser);
> >  }
> >
> > --
> > 2.45.0.rc1.225.g2a3ae87e7f-goog
> >

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ