* [PATCH][next] perf tests: fix out of bounds access on array fd when cnt is 100
@ 2018-03-14 17:33 ` Colin King
0 siblings, 0 replies; 5+ messages in thread
From: Colin King @ 2018-03-14 17:33 UTC (permalink / raw)
To: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Alexander Shishkin, Jiri Olsa, Namhyung Kim
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
Currently when cnt is 100 an array bounds overflow occurs on the assignment
of fd[cnt]. Fix this by performing the bounds check on cnt before writing
to fd.
Detected by cppcheck:
tools/perf/tests/bp_account.c:115: (warning) Either the condition
'cnt==100' is redundant or the array 'fd[100]' is accessed at index 100,
which is out of bounds.
Fixes: 032db28e5fa3 ("perf tests: Add breakpoint accounting/modify test")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
tools/perf/tests/bp_account.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/tools/perf/tests/bp_account.c b/tools/perf/tests/bp_account.c
index 2f75fa0c4fef..9e88d7608951 100644
--- a/tools/perf/tests/bp_account.c
+++ b/tools/perf/tests/bp_account.c
@@ -107,16 +107,14 @@ static int detect_cnt(bool is_x)
int fd[100], cnt = 0, i;
while (1) {
- fd[cnt] = __event(is_x, addr, &attr);
-
- if (fd[cnt] < 0)
- break;
-
if (cnt == 100) {
pr_debug("way too many debug registers, fix the test\n");
return 0;
}
+ fd[cnt] = __event(is_x, addr, &attr);
+ if (fd[cnt] < 0)
+ break;
cnt++;
}
--
2.15.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* [PATCH][next] perf tests: fix out of bounds access on array fd when cnt is 100
@ 2018-03-14 17:33 ` Colin King
0 siblings, 0 replies; 5+ messages in thread
From: Colin King @ 2018-03-14 17:33 UTC (permalink / raw)
To: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Alexander Shishkin, Jiri Olsa, Namhyung Kim
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
Currently when cnt is 100 an array bounds overflow occurs on the assignment
of fd[cnt]. Fix this by performing the bounds check on cnt before writing
to fd.
Detected by cppcheck:
tools/perf/tests/bp_account.c:115: (warning) Either the condition
'cnt=100' is redundant or the array 'fd[100]' is accessed at index 100,
which is out of bounds.
Fixes: 032db28e5fa3 ("perf tests: Add breakpoint accounting/modify test")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
tools/perf/tests/bp_account.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/tools/perf/tests/bp_account.c b/tools/perf/tests/bp_account.c
index 2f75fa0c4fef..9e88d7608951 100644
--- a/tools/perf/tests/bp_account.c
+++ b/tools/perf/tests/bp_account.c
@@ -107,16 +107,14 @@ static int detect_cnt(bool is_x)
int fd[100], cnt = 0, i;
while (1) {
- fd[cnt] = __event(is_x, addr, &attr);
-
- if (fd[cnt] < 0)
- break;
-
if (cnt = 100) {
pr_debug("way too many debug registers, fix the test\n");
return 0;
}
+ fd[cnt] = __event(is_x, addr, &attr);
+ if (fd[cnt] < 0)
+ break;
cnt++;
}
--
2.15.1
^ permalink raw reply related [flat|nested] 5+ messages in thread
* Re: [PATCH][next] perf tests: fix out of bounds access on array fd when cnt is 100
2018-03-14 17:33 ` Colin King
@ 2018-03-14 19:00 ` Arnaldo Carvalho de Melo
-1 siblings, 0 replies; 5+ messages in thread
From: Arnaldo Carvalho de Melo @ 2018-03-14 19:00 UTC (permalink / raw)
To: Colin King
Cc: Peter Zijlstra, Ingo Molnar, Alexander Shishkin, Jiri Olsa,
Namhyung Kim, kernel-janitors, linux-kernel
Em Wed, Mar 14, 2018 at 05:33:54PM +0000, Colin King escreveu:
> From: Colin Ian King <colin.king@canonical.com>
>
> Currently when cnt is 100 an array bounds overflow occurs on the assignment
> of fd[cnt]. Fix this by performing the bounds check on cnt before writing
> to fd.
>
> Detected by cppcheck:
> tools/perf/tests/bp_account.c:115: (warning) Either the condition
> 'cnt==100' is redundant or the array 'fd[100]' is accessed at index 100,
> which is out of bounds.
>
> Fixes: 032db28e5fa3 ("perf tests: Add breakpoint accounting/modify test")
Thanks, applied.
- Arnaldo
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: [PATCH][next] perf tests: fix out of bounds access on array fd when cnt is 100
@ 2018-03-14 19:00 ` Arnaldo Carvalho de Melo
0 siblings, 0 replies; 5+ messages in thread
From: Arnaldo Carvalho de Melo @ 2018-03-14 19:00 UTC (permalink / raw)
To: Colin King
Cc: Peter Zijlstra, Ingo Molnar, Alexander Shishkin, Jiri Olsa,
Namhyung Kim, kernel-janitors, linux-kernel
Em Wed, Mar 14, 2018 at 05:33:54PM +0000, Colin King escreveu:
> From: Colin Ian King <colin.king@canonical.com>
>
> Currently when cnt is 100 an array bounds overflow occurs on the assignment
> of fd[cnt]. Fix this by performing the bounds check on cnt before writing
> to fd.
>
> Detected by cppcheck:
> tools/perf/tests/bp_account.c:115: (warning) Either the condition
> 'cnt=100' is redundant or the array 'fd[100]' is accessed at index 100,
> which is out of bounds.
>
> Fixes: 032db28e5fa3 ("perf tests: Add breakpoint accounting/modify test")
Thanks, applied.
- Arnaldo
^ permalink raw reply [flat|nested] 5+ messages in thread
* [tip:perf/core] perf tests: Fix out of bounds access on array fd when cnt is 100
2018-03-14 17:33 ` Colin King
(?)
(?)
@ 2018-03-20 6:31 ` tip-bot for Colin Ian King
-1 siblings, 0 replies; 5+ messages in thread
From: tip-bot for Colin Ian King @ 2018-03-20 6:31 UTC (permalink / raw)
To: linux-tip-commits
Cc: mingo, linux-kernel, colin.king, hpa, acme, namhyung,
alexander.shishkin, peterz, tglx, jolsa
Commit-ID: 66790bc8e1f51831d73691954ae0b430bde614ad
Gitweb: https://git.kernel.org/tip/66790bc8e1f51831d73691954ae0b430bde614ad
Author: Colin Ian King <colin.king@canonical.com>
AuthorDate: Wed, 14 Mar 2018 17:33:54 +0000
Committer: Arnaldo Carvalho de Melo <acme@redhat.com>
CommitDate: Fri, 16 Mar 2018 13:56:44 -0300
perf tests: Fix out of bounds access on array fd when cnt is 100
Currently when cnt is 100 an array bounds overflow occurs on the
assignment of fd[cnt]. Fix this by performing the bounds check on cnt
before writing to fd.
Detected by cppcheck:
tools/perf/tests/bp_account.c:115: (warning) Either the condition
'cnt==100' is redundant or the array 'fd[100]' is accessed at index 100,
which is out of bounds.
Signed-off-by: Colin King <colin.king@canonical.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: kernel-janitors@vger.kernel.org
Fixes: 032db28e5fa3 ("perf tests: Add breakpoint accounting/modify test")
Link: http://lkml.kernel.org/r/20180314173354.11250-1-colin.king@canonical.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
tools/perf/tests/bp_account.c | 8 +++-----
1 file changed, 3 insertions(+), 5 deletions(-)
diff --git a/tools/perf/tests/bp_account.c b/tools/perf/tests/bp_account.c
index 2f75fa0c4fef..9e88d7608951 100644
--- a/tools/perf/tests/bp_account.c
+++ b/tools/perf/tests/bp_account.c
@@ -107,16 +107,14 @@ static int detect_cnt(bool is_x)
int fd[100], cnt = 0, i;
while (1) {
- fd[cnt] = __event(is_x, addr, &attr);
-
- if (fd[cnt] < 0)
- break;
-
if (cnt == 100) {
pr_debug("way too many debug registers, fix the test\n");
return 0;
}
+ fd[cnt] = __event(is_x, addr, &attr);
+ if (fd[cnt] < 0)
+ break;
cnt++;
}
^ permalink raw reply related [flat|nested] 5+ messages in thread
end of thread, other threads:[~2018-03-20 6:32 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-03-14 17:33 [PATCH][next] perf tests: fix out of bounds access on array fd when cnt is 100 Colin King
2018-03-14 17:33 ` Colin King
2018-03-14 19:00 ` Arnaldo Carvalho de Melo
2018-03-14 19:00 ` Arnaldo Carvalho de Melo
2018-03-20 6:31 ` [tip:perf/core] perf tests: Fix " tip-bot for Colin Ian King
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.