[PATCH AUTOSEL 4.9 23/87] tools lib traceevent: Fix buffer overflow in arg_eval

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Sasha Levin <sashal@kernel.org>
To: linux-kernel@vger.kernel.org, stable@vger.kernel.org
Cc: Tony Jones <tonyj@suse.de>,
	Frederic Weisbecker <fweisbec@gmail.com>,
	Arnaldo Carvalho de Melo <acme@redhat.com>,
	Sasha Levin <sashal@kernel.org>
Subject: [PATCH AUTOSEL 4.9 23/87] tools lib traceevent: Fix buffer overflow in arg_eval
Date: Wed, 27 Mar 2019 14:19:36 -0400	[thread overview]
Message-ID: <20190327182040.17444-23-sashal@kernel.org> (raw)
In-Reply-To: <20190327182040.17444-1-sashal@kernel.org>

From: Tony Jones <tonyj@suse.de>

[ Upstream commit 7c5b019e3a638a5a290b0ec020f6ca83d2ec2aaa ]

Fix buffer overflow observed when running perf test.

The overflow is when trying to evaluate "1ULL << (64 - 1)" which is
resulting in -9223372036854775808 which overflows the 20 character
buffer.

If is possible this bug has been reported before but I still don't see
any fix checked in:

See: https://www.spinics.net/lists/linux-perf-users/msg07714.html

Reported-by: Michael Sartain <mikesart@fastmail.com>
Reported-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Tony Jones <tonyj@suse.de>
Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Fixes: f7d82350e597 ("tools/events: Add files to create libtraceevent.a")
Link: http://lkml.kernel.org/r/20190228015532.8941-1-tonyj@suse.de
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
---
 tools/lib/traceevent/event-parse.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/lib/traceevent/event-parse.c b/tools/lib/traceevent/event-parse.c
index 669475300ba8..700c74b0aed0 100644
--- a/tools/lib/traceevent/event-parse.c
+++ b/tools/lib/traceevent/event-parse.c
@@ -2428,7 +2428,7 @@ static int arg_num_eval(struct print_arg *arg, long long *val)
 static char *arg_eval (struct print_arg *arg)
 {
 	long long val;
-	static char buf[20];
+	static char buf[24];
 
 	switch (arg->type) {
 	case PRINT_ATOM:
-- 
2.19.1

next prev parent reply	other threads:[~2019-03-27 18:21 UTC|newest]

Thread overview: 104+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-03-27 18:19 [PATCH AUTOSEL 4.9 01/87] CIFS: fix POSIX lock leak and invalid ptr deref Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 02/87] h8300: use cc-cross-prefix instead of hardcoding h8300-unknown-linux- Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 03/87] i2c: sis630: correct format strings Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 04/87] tracing: kdb: Fix ftdump to not sleep Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 05/87] gpio: gpio-omap: fix level interrupt idling Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 06/87] include/linux/relay.h: fix percpu annotation in struct rchan Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 07/87] sysctl: handle overflow for file-max Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 08/87] enic: fix build warning without CONFIG_CPUMASK_OFFSTACK Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 09/87] scsi: hisi_sas: Set PHY linkrate when disconnected Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 10/87] mm/cma.c: cma_declare_contiguous: correct err handling Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 11/87] mm/page_ext.c: fix an imbalance with kmemleak Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 12/87] mm/vmalloc.c: fix kernel BUG at mm/vmalloc.c:512! Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 13/87] mm/slab.c: kmemleak no scan alien caches Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 14/87] ocfs2: fix a panic problem caused by o2cb_ctl Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 15/87] f2fs: do not use mutex lock in atomic context Sasha Levin
2019-03-27 18:19   ` Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 16/87] fs/file.c: initialize init_files.resize_wait Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 17/87] cifs: use correct format characters Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 18/87] dm thin: add sanity checks to thin-pool and external snapshot creation Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 19/87] cifs: Fix NULL pointer dereference of devname Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 20/87] fs: Make splice() and tee() take into account O_NONBLOCK flag on pipes Sasha Levin
2019-03-28 15:37   ` Slavomir Kaslev
2019-03-28 16:04     ` Steven Rostedt
2019-04-03 16:19       ` Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 21/87] jbd2: fix invalid descriptor block checksum Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 22/87] fs: fix guard_bio_eod to check for real EOD errors Sasha Levin
2019-03-27 18:19 ` Sasha Levin [this message]
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 24/87] wil6210: check null pointer in _wil_cfg80211_merge_extra_ies Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 25/87] crypto: crypto4xx - add missing of_node_put after of_device_is_available Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 26/87] usb: chipidea: Grab the (legacy) USB PHY by phandle first Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 27/87] scsi: core: replace GFP_ATOMIC with GFP_KERNEL in scsi_scan.c Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 28/87] coresight: etm4x: Add support to enable ETMv4.2 Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 29/87] ARM: 8840/1: use a raw_spinlock_t in unwind Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 30/87] iommu/io-pgtable-arm-v7s: Only kmemleak_ignore L2 tables Sasha Levin
2019-03-27 18:19   ` Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 31/87] mmc: omap: fix the maximum timeout setting Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 32/87] e1000e: Fix -Wformat-truncation warnings Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 33/87] mlxsw: spectrum: Avoid " Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 34/87] IB/mlx4: Increase the timeout for CM cache Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 35/87] ASoC: qcom: Fix of-node refcount unbalance in apq8016_sbc_parse_of() Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 36/87] scsi: megaraid_sas: return error when create DMA pool failed Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 37/87] perf test: Fix failure of 'evsel-tp-sched' test on s390 Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 38/87] SoC: imx-sgtl5000: add missing put_device() Sasha Levin
2019-03-27 18:19   ` Sasha Levin
2019-03-27 18:19   ` Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 39/87] media: sh_veu: Correct return type for mem2mem buffer helpers Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 40/87] media: s5p-jpeg: " Sasha Levin
2019-03-27 18:19   ` Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 41/87] media: s5p-g2d: " Sasha Levin
2019-03-27 18:19   ` Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 42/87] media: mx2_emmaprp: " Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 43/87] vfs: fix preadv64v2 and pwritev64v2 compat syscalls with offset == -1 Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 44/87] HID: intel-ish-hid: avoid binding wrong ishtp_cl_device Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 45/87] leds: lp55xx: fix null deref on firmware load failure Sasha Levin
2019-03-27 18:19 ` [PATCH AUTOSEL 4.9 46/87] iwlwifi: pcie: fix emergency path Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 47/87] ACPI / video: Refactor and fix dmi_is_desktop() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 48/87] kprobes: Prohibit probing on bsearch() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 49/87] ARM: 8833/1: Ensure that NEON code always compiles with Clang Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 50/87] ALSA: PCM: check if ops are defined before suspending PCM Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 51/87] usb: f_fs: Avoid crash due to out-of-scope stack ptr access Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 52/87] bcache: fix input overflow to cache set sysfs file io_error_halflife Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 53/87] bcache: fix input overflow to sequential_cutoff Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 54/87] bcache: improve sysfs_strtoul_clamp() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 55/87] genirq: Avoid summation loops for /proc/stat Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 56/87] iw_cxgb4: fix srqidx leak during connection abort Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 57/87] fbdev: fbmem: fix memory access if logo is bigger than the screen Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 58/87] cdrom: Fix race condition in cdrom_sysctl_register Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 59/87] e1000e: fix cyclic resets at link up with active tx Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 60/87] ASoC: fsl-asoc-card: fix object reference leaks in fsl_asoc_card_probe Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 61/87] locking/lockdep: Add debug_locks check in __lock_downgrade() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 62/87] efi/memattr: Don't bail on zero VA if it equals the region's PA Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 63/87] ARM: dts: lpc32xx: Remove leading 0x and 0s from bindings notation Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 64/87] soc: qcom: gsbi: Fix error handling in gsbi_probe() Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 65/87] mt7601u: bump supported EEPROM version Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 66/87] ARM: avoid Cortex-A9 livelock on tight dmb loops Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 67/87] tty: increase the default flip buffer limit to 2*640K Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 68/87] powerpc/pseries: Perform full re-add of CPU for topology update post-migration Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 69/87] media: mt9m111: set initial frame size other than 0x0 Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 70/87] hwrng: virtio - Avoid repeated init of completion Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 71/87] soc/tegra: fuse: Fix illegal free of IO base address Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 72/87] HID: intel-ish: ipc: handle PIMR before ish_wakeup also clear PISR busy_clear bit Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 73/87] Bluetooth: Verify that l2cap_get_conf_opt provides large enough buffer Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 74/87] hpet: Fix missing '=' character in the __setup() code of hpet_mmap_enable Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 75/87] dmaengine: imx-dma: fix warning comparison of distinct pointer types Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 76/87] dmaengine: qcom_hidma: assign channel cookie correctly Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 77/87] netfilter: physdev: relax br_netfilter dependency Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 78/87] media: s5p-jpeg: Check for fmt_ver_flag when doing fmt enumeration Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 79/87] regulator: act8865: Fix act8600_sudcdc_voltage_ranges setting Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 80/87] drm/nouveau: Stop using drm_crtc_force_disable Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 81/87] x86/build: Specify elf_i386 linker emulation explicitly for i386 objects Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 82/87] selinux: do not override context on context mounts Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 83/87] wlcore: Fix memory leak in case wl12xx_fetch_firmware failure Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 84/87] x86/build: Mark per-CPU symbols as absolute explicitly for LLD Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 85/87] dmaengine: tegra: avoid overflow of byte tracking Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 86/87] drm/dp/mst: Configure no_stop_bit correctly for remote i2c xfers Sasha Levin
2019-03-27 18:20   ` Sasha Levin
2019-03-27 18:20 ` [PATCH AUTOSEL 4.9 87/87] ACPI / video: Extend chassis-type detection with a "Lunch Box" check Sasha Levin

find likely ancestor, descendant, or conflicting patches for this message:
dfblob:669475300ba dfblob:700c74b0aed
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190327182040.17444-23-sashal@kernel.org \
    --to=sashal@kernel.org \
    --cc=acme@redhat.com \
    --cc=fweisbec@gmail.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=stable@vger.kernel.org \
    --cc=tonyj@suse.de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.