linux-kernel.vger.kernel.org archive mirror
From: Stephane Eranian <eranian@google.com>
To: linux-kernel@vger.kernel.org
Cc: peterz@infradead.org, acme@redhat.com, mingo@elte.hu,
	fweisbec@gmail.com, dsahern@gmail.com
Subject: [PATCH] perf record: fix buffer overrun bug in tracepoint_id_to_path()
Date: Tue, 13 Mar 2012 16:51:02 +0100
Message-ID: <20120313155102.GA6465@quad>


This patch fixes a buffer overrun bug in tracepoint_id_to_path().
The bug manifested itself as a memory error reported by perf record.
I ran into it with perf sched:

$ perf sched rec noploop 2
noploop for 2 seconds
[ perf record: Woken up 14 times to write data ]
[ perf record: Captured and wrote 42.701 MB perf.data (~1865622 samples) ]
  Fatal: No memory to alloc tracepoints list

It turned out that tracepoint_id_to_path() was reading the tracepoint id
using read() but the buffer was not large enough to include the \n terminator
for ids with 4 digits or more.

The patch fixes the problem by extending the buffer to a more reasonable size
covering all possible id lengths, including the \n terminator. Note that atoll()
stops at the first non-digit character, thus it is not necessary to clear the
buffer between each read.

Signed-off-by: Stephane Eranian <eranian@google.com>
---

diff --git a/tools/perf/util/parse-events.c b/tools/perf/util/parse-events.c
index b029296..8a3c8c0 100644
--- a/tools/perf/util/parse-events.c
+++ b/tools/perf/util/parse-events.c
@@ -165,7 +165,7 @@ struct tracepoint_path *tracepoint_id_to_path(u64 config)
 	struct tracepoint_path *path = NULL;
 	DIR *sys_dir, *evt_dir;
 	struct dirent *sys_next, *evt_next, sys_dirent, evt_dirent;
-	char id_buf[4];
+	char id_buf[24];
 	int fd;
 	u64 id;
 	char evt_path[MAXPATHLEN];
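
Review bot: at the `char id_buf[24]` declaration, the enlarged buffer is still uninitialized, and the commit message relies on atoll() stopping at the first non-digit character rather than on a NUL terminator. The read() call is outside this hunk, so it is not visible here whether its length is bounded below the buffer size or whether its return value is used to terminate the string; if read() ever fills the buffer, or returns a short id with no trailing newline, atoll() will scan stale or adjacent bytes. Consider passing `sizeof(id_buf) - 1` as the read length and setting `id_buf[n] = '\0'` from the return value before calling atoll(). A short comment on why 24 was chosen (a u64 prints in at most 20 decimal digits, plus the newline and a terminator) would also keep the size from looking arbitrary.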

Thread overview: 2+ messages
2012-03-13 15:51 Stephane Eranian [this message]
2012-03-13 16:17 ` [tip:perf/urgent] perf record: Fix buffer overrun bug in tracepoint_id_to_path() tip-bot for Stephane Eranian