| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20260106133655.249887-1-wander@redhat.com> Date: Tue, 6 Jan 2026 08:49:36 -0300 From: Wander Lairson Costa <wander@...hat.com> To: Steven Rostedt <rostedt@...dmis.org>, Tomas Glozar <tglozar@...hat.com>, Wander Lairson Costa <wander@...hat.com>, Ivan Pravdin <ipravdin.official@...il.com>, Crystal Wood <crwood@...hat.com>, Costa Shulyupin <costa.shul@...hat.com>, John Kacur <jkacur@...hat.com>, Tiezhu Yang <yangtiezhu@...ngson.cn>, linux-trace-kernel@...r.kernel.org (open list:Real-time Linux Analysis (RTLA) tools), linux-kernel@...r.kernel.org (open list:Real-time Linux Analysis (RTLA) tools), bpf@...r.kernel.org (open list:BPF [MISC]:Keyword:(?:\b|_)bpf(?:\b|_)) Subject: [PATCH v2 00/18] rtla: Code quality and robustness improvements This patch series addresses several code quality and robustness issues in the rtla (Real-Time Linux Analysis) tool. The changes focus on eliminating potential buffer overflows, fixing NULL pointer dereferences, improving error handling, and simplifying code maintenance through better abstractions and helper functions. The series introduces safer string handling practices, including proper null termination after read() operations, correct buffer sizing for strncpy(), and volatile qualification for signal handler variables. It replaces unsafe functions like atoi() with robust error-checking alternatives, eliminates magic numbers in favor of named constants, and adds compile-time string length calculations to prevent buffer overruns. Additionally, the series reduces code duplication by introducing helper macros and functions for common patterns like action iteration, argument parsing, and threshold restart logic. It also includes minor cleanups such as removing redundant operations, unused headers, and fixing documentation inconsistencies. These improvements make the rtla codebase safer, more maintainable, and more consistent with kernel coding standards. Changes: v2: - exit on memory allocation failure - remove redundant strlen() calls - fix possible race on condition on stop_tracing variable access - ensure null termination on read() calls - fix checkpatch reports - make extract_args() an inline function - add the usage of common_restart() in more places Wander Lairson Costa (18): rtla: Exit on memory allocation failures during initialization rtla: Use strdup() to simplify code rtla: Introduce for_each_action() helper rtla: Replace atoi() with a robust strtoi() rtla: Simplify argument parsing rtla: Use strncmp_static() in more places rtla: Introduce common_restart() helper rtla: Use standard exit codes for result enum rtla: Remove redundant memset after calloc rtla: Replace magic number with MAX_PATH rtla: Remove unused headers rtla: Fix NULL pointer dereference in actions_parse rtla: Fix buffer size for strncpy in timerlat_aa rtla: Add generated output files to gitignore rtla: Make stop_tracing variable volatile rtla: Ensure null termination after read operations in utils.c rtla: Fix parse_cpu_set() return value documentation rtla: Simplify code by caching string lengths tools/tracing/rtla/.gitignore | 4 + tools/tracing/rtla/src/actions.c | 114 +++++++++++++++---------- tools/tracing/rtla/src/actions.h | 13 ++- tools/tracing/rtla/src/common.c | 67 ++++++++++----- tools/tracing/rtla/src/common.h | 11 ++- tools/tracing/rtla/src/osnoise.c | 28 ++---- tools/tracing/rtla/src/osnoise_hist.c | 26 ++---- tools/tracing/rtla/src/osnoise_top.c | 25 ++---- tools/tracing/rtla/src/timerlat.c | 5 +- tools/tracing/rtla/src/timerlat_aa.c | 4 +- tools/tracing/rtla/src/timerlat_hist.c | 44 ++++------ tools/tracing/rtla/src/timerlat_top.c | 46 ++++------ tools/tracing/rtla/src/timerlat_u.c | 4 +- tools/tracing/rtla/src/trace.c | 59 +++++-------- tools/tracing/rtla/src/trace.h | 4 +- tools/tracing/rtla/src/utils.c | 99 ++++++++++++++++++--- tools/tracing/rtla/src/utils.h | 26 ++++-- 17 files changed, 335 insertions(+), 244 deletions(-) -- 2.52.0
Powered by blists - more mailing lists