* [PATCH] perf evsel: fix NULL pointer deference when evsel->counts is NULL
@ 2013-01-19 16:36 Colin King
2013-01-21 4:53 ` Namhyung Kim
0 siblings, 1 reply; 4+ messages in thread
From: Colin King @ 2013-01-19 16:36 UTC (permalink / raw)
To: Peter Zijlstra, Paul Mackerras, Ingo Molnar, Arnaldo Carvalho de Melo
Cc: linux-kernel
From: Colin Ian King <colin.king@canonical.com>
__perf_evsel__read_on_cpu() only bails out with -ENOMEM if
evsel->counts is NULL and perf_evsel__alloc_counts() has returned
an error. If perf_evsel__alloc_counts() does not return an error
we get an NULL pointer deference on evsel->counts->cpu[cpu]
if evsel->counts is NULL.
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
tools/perf/util/evsel.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c
index 1b16dd1..93acd06 100644
--- a/tools/perf/util/evsel.c
+++ b/tools/perf/util/evsel.c
@@ -640,7 +640,7 @@ int __perf_evsel__read_on_cpu(struct perf_evsel *evsel,
if (FD(evsel, cpu, thread) < 0)
return -EINVAL;
- if (evsel->counts == NULL && perf_evsel__alloc_counts(evsel, cpu + 1) < 0)
+ if (evsel->counts == NULL || perf_evsel__alloc_counts(evsel, cpu + 1) < 0)
return -ENOMEM;
if (readn(FD(evsel, cpu, thread), &count, nv * sizeof(u64)) < 0)
--
1.8.0
^ permalink raw reply related [flat|nested] 4+ messages in thread
* Re: [PATCH] perf evsel: fix NULL pointer deference when evsel->counts is NULL
2013-01-19 16:36 [PATCH] perf evsel: fix NULL pointer deference when evsel->counts is NULL Colin King
@ 2013-01-21 4:53 ` Namhyung Kim
2013-01-23 22:02 ` Arnaldo Carvalho de Melo
0 siblings, 1 reply; 4+ messages in thread
From: Namhyung Kim @ 2013-01-21 4:53 UTC (permalink / raw)
To: Colin King
Cc: Peter Zijlstra, Paul Mackerras, Ingo Molnar,
Arnaldo Carvalho de Melo, linux-kernel
Hi Colin,
On Sat, 19 Jan 2013 16:36:54 +0000, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> __perf_evsel__read_on_cpu() only bails out with -ENOMEM if
> evsel->counts is NULL and perf_evsel__alloc_counts() has returned
> an error. If perf_evsel__alloc_counts() does not return an error
> we get an NULL pointer deference on evsel->counts->cpu[cpu]
> if evsel->counts is NULL.
perf_evsel__alloc_counts() should allocate evsel->counts when it sees
evsel->counts is NULL and return negative error code if the allocation
fails.
So I don't see any problem in current code. With your code, it won't
try to allocate if ->counts is NULL but overwrite existing ->counts?
Thanks,
Namhyung
>
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
> ---
> tools/perf/util/evsel.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c
> index 1b16dd1..93acd06 100644
> --- a/tools/perf/util/evsel.c
> +++ b/tools/perf/util/evsel.c
> @@ -640,7 +640,7 @@ int __perf_evsel__read_on_cpu(struct perf_evsel *evsel,
> if (FD(evsel, cpu, thread) < 0)
> return -EINVAL;
>
> - if (evsel->counts == NULL && perf_evsel__alloc_counts(evsel, cpu + 1) < 0)
> + if (evsel->counts == NULL || perf_evsel__alloc_counts(evsel, cpu + 1) < 0)
> return -ENOMEM;
>
> if (readn(FD(evsel, cpu, thread), &count, nv * sizeof(u64)) < 0)
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] perf evsel: fix NULL pointer deference when evsel->counts is NULL
2013-01-21 4:53 ` Namhyung Kim
@ 2013-01-23 22:02 ` Arnaldo Carvalho de Melo
2013-01-23 23:26 ` Colin Ian King
0 siblings, 1 reply; 4+ messages in thread
From: Arnaldo Carvalho de Melo @ 2013-01-23 22:02 UTC (permalink / raw)
To: Namhyung Kim
Cc: Colin King, Peter Zijlstra, Paul Mackerras, Ingo Molnar, linux-kernel
Em Mon, Jan 21, 2013 at 01:53:21PM +0900, Namhyung Kim escreveu:
> On Sat, 19 Jan 2013 16:36:54 +0000, Colin King wrote:
> > From: Colin Ian King <colin.king@canonical.com>
> > __perf_evsel__read_on_cpu() only bails out with -ENOMEM if
> > evsel->counts is NULL and perf_evsel__alloc_counts() has returned
> > an error. If perf_evsel__alloc_counts() does not return an error
> > we get an NULL pointer deference on evsel->counts->cpu[cpu]
> > if evsel->counts is NULL.
> perf_evsel__alloc_counts() should allocate evsel->counts when it sees
> evsel->counts is NULL and return negative error code if the allocation
> fails.
> So I don't see any problem in current code. With your code, it won't
> try to allocate if ->counts is NULL but overwrite existing ->counts?
Right, the patch introduces a problem in code that works perfectly :-)
- Arnaldo
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [PATCH] perf evsel: fix NULL pointer deference when evsel->counts is NULL
2013-01-23 22:02 ` Arnaldo Carvalho de Melo
@ 2013-01-23 23:26 ` Colin Ian King
0 siblings, 0 replies; 4+ messages in thread
From: Colin Ian King @ 2013-01-23 23:26 UTC (permalink / raw)
To: Arnaldo Carvalho de Melo
Cc: Namhyung Kim, Peter Zijlstra, Paul Mackerras, Ingo Molnar, linux-kernel
On 23/01/13 22:02, Arnaldo Carvalho de Melo wrote:
> Em Mon, Jan 21, 2013 at 01:53:21PM +0900, Namhyung Kim escreveu:
>> On Sat, 19 Jan 2013 16:36:54 +0000, Colin King wrote:
>>> From: Colin Ian King <colin.king@canonical.com>
>
>>> __perf_evsel__read_on_cpu() only bails out with -ENOMEM if
>>> evsel->counts is NULL and perf_evsel__alloc_counts() has returned
>>> an error. If perf_evsel__alloc_counts() does not return an error
>>> we get an NULL pointer deference on evsel->counts->cpu[cpu]
>>> if evsel->counts is NULL.
>
>> perf_evsel__alloc_counts() should allocate evsel->counts when it sees
>> evsel->counts is NULL and return negative error code if the allocation
>> fails.
>
>> So I don't see any problem in current code. With your code, it won't
>> try to allocate if ->counts is NULL but overwrite existing ->counts?
>
> Right, the patch introduces a problem in code that works perfectly :-)
>
> - Arnaldo
>
Apologies for the noise.
Colin
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2013-01-23 23:26 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2013-01-19 16:36 [PATCH] perf evsel: fix NULL pointer deference when evsel->counts is NULL Colin King
2013-01-21 4:53 ` Namhyung Kim
2013-01-23 22:02 ` Arnaldo Carvalho de Melo
2013-01-23 23:26 ` Colin Ian King
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.