| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <20240907050830.6752-2-irogers@google.com>
Date: Fri, 6 Sep 2024 22:08:16 -0700
From: Ian Rogers <irogers@...gle.com>
To: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>,
Arnaldo Carvalho de Melo <acme@...nel.org>, Namhyung Kim <namhyung@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>, Jiri Olsa <jolsa@...nel.org>,
Ian Rogers <irogers@...gle.com>, Adrian Hunter <adrian.hunter@...el.com>,
Kan Liang <kan.liang@...ux.intel.com>, John Garry <john.g.garry@...cle.com>,
Will Deacon <will@...nel.org>, James Clark <james.clark@...aro.org>,
Mike Leach <mike.leach@...aro.org>, Leo Yan <leo.yan@...ux.dev>,
Ravi Bangoria <ravi.bangoria@....com>, Weilin Wang <weilin.wang@...el.com>,
Jing Zhang <renyu.zj@...ux.alibaba.com>, Xu Yang <xu.yang_2@....com>,
Sandipan Das <sandipan.das@....com>, Benjamin Gray <bgray@...ux.ibm.com>,
Athira Jajeev <atrajeev@...ux.vnet.ibm.com>, Howard Chu <howardchu95@...il.com>,
Dominique Martinet <asmadeus@...ewreck.org>, Yang Jihong <yangjihong@...edance.com>,
Colin Ian King <colin.i.king@...il.com>, Veronika Molnarova <vmolnaro@...hat.com>,
"Dr. David Alan Gilbert" <linux@...blig.org>, Oliver Upton <oliver.upton@...ux.dev>,
Changbin Du <changbin.du@...wei.com>, Ze Gao <zegao2021@...il.com>,
Andi Kleen <ak@...ux.intel.com>,
"Clément Le Goffic" <clement.legoffic@...s.st.com>, Sun Haiyong <sunhaiyong@...ngson.cn>,
Junhao He <hejunhao3@...wei.com>, Tiezhu Yang <yangtiezhu@...ngson.cn>,
Yicong Yang <yangyicong@...ilicon.com>, linux-kernel@...r.kernel.org,
linux-perf-users@...r.kernel.org, linux-arm-kernel@...ts.infradead.org
Subject: [PATCH v1 01/15] perf list: Avoid potential out of bounds memory read
If a desc string is 0 length then -1 will be out of bounds, add a
check.
Signed-off-by: Ian Rogers <irogers@...gle.com>
---
tools/perf/builtin-list.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/builtin-list.c b/tools/perf/builtin-list.c
index 82cb4b1010aa..65b8cba324be 100644
--- a/tools/perf/builtin-list.c
+++ b/tools/perf/builtin-list.c
@@ -173,7 +173,7 @@ static void default_print_event(void *ps, const char *pmu_name, const char *topi
if (pmu_name && strcmp(pmu_name, "default_core")) {
desc_len = strlen(desc);
desc_len = asprintf(&desc_with_unit,
- desc[desc_len - 1] != '.'
+ desc_len > 0 && desc[desc_len - 1] != '.'
? "%s. Unit: %s" : "%s Unit: %s",
desc, pmu_name);
}
--
2.46.0.469.g59c65b2a67-goog
Powered by blists - more mailing lists