[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <aN6-HeKLpsBuseXS@x1>
Date: Thu, 2 Oct 2025 15:02:05 -0300
From: Arnaldo Carvalho de Melo <acme@...nel.org>
To: Ian Rogers <irogers@...gle.com>
Cc: Peter Zijlstra <peterz@...radead.org>, Ingo Molnar <mingo@...hat.com>,
Namhyung Kim <namhyung@...nel.org>,
Mark Rutland <mark.rutland@....com>,
Alexander Shishkin <alexander.shishkin@...ux.intel.com>,
Jiri Olsa <jolsa@...nel.org>,
Adrian Hunter <adrian.hunter@...el.com>,
Kan Liang <kan.liang@...ux.intel.com>,
linux-perf-users@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v1] perf symbol-minimal: Be more defensive when reading
build IDs
On Sun, Sep 14, 2025 at 11:31:31AM -0700, Ian Rogers wrote:
> The note_data at ptr is read as a nhdr but this may yield
> out-of-bounds reads if there isn't nhdrs worth of data. Be more
> defensive before doing the reads. This is motivated by address
> sanitizer capturing out of bounds reads running "perf top".
Thanks, applied to perf-tools-next,
- Arnaldo
> Signed-off-by: Ian Rogers <irogers@...gle.com>
> ---
> tools/perf/util/symbol-minimal.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/symbol-minimal.c b/tools/perf/util/symbol-minimal.c
> index 41e4ebe5eac5..aeb253248895 100644
> --- a/tools/perf/util/symbol-minimal.c
> +++ b/tools/perf/util/symbol-minimal.c
> @@ -42,7 +42,7 @@ static int read_build_id(void *note_data, size_t note_len, struct build_id *bid,
> void *ptr;
>
> ptr = note_data;
> - while (ptr < (note_data + note_len)) {
> + while ((ptr + sizeof(*nhdr)) < (note_data + note_len)) {
> const char *name;
> size_t namesz, descsz;
>
> --
> 2.51.0.384.g4c02a37b29-goog
Powered by blists - more mailing lists