From: Steven Rostedt <rostedt@goodmis.org>
To: linux-kernel@vger.kernel.org
Cc: Ingo Molnar <mingo@kernel.org>,
Andrew Morton <akpm@linux-foundation.org>,
Dan Carpenter <dan.carpenter@oracle.com>
Subject: [for-next][PATCH 02/12] tracing: Fix some alloc_event_probe() error handling bugs
Date: Wed, 08 Sep 2021 15:18:53 -0400 [thread overview]
Message-ID: <20210908191953.503827696@goodmis.org> (raw)
In-Reply-To: 20210908191851.381347939@goodmis.org
From: Dan Carpenter <dan.carpenter@oracle.com>
There are two bugs in this code. First, if the kzalloc() fails it leads
to a NULL dereference of "ep" on the next line. Second, if the
alloc_event_probe() function returns an error then it leads to an
error pointer dereference in the caller.
Link: https://lkml.kernel.org/r/20210824115150.GI31143@kili
Fixes: 7491e2c44278 ("tracing: Add a probe that attaches to trace events")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
---
kernel/trace/trace_eprobe.c | 5 +++--
1 file changed, 3 insertions(+), 2 deletions(-)
diff --git a/kernel/trace/trace_eprobe.c b/kernel/trace/trace_eprobe.c
index 56a96e9750cf..3044b762cbd7 100644
--- a/kernel/trace/trace_eprobe.c
+++ b/kernel/trace/trace_eprobe.c
@@ -151,7 +151,7 @@ static struct trace_eprobe *alloc_event_probe(const char *group,
ep = kzalloc(struct_size(ep, tp.args, nargs), GFP_KERNEL);
if (!ep) {
- trace_event_put_ref(ep->event);
+ trace_event_put_ref(event);
goto error;
}
ep->event = event;
@@ -851,7 +851,8 @@ static int __trace_eprobe_create(int argc, const char *argv[])
ret = PTR_ERR(ep);
/* This must return -ENOMEM, else there is a bug */
WARN_ON_ONCE(ret != -ENOMEM);
- goto error; /* We know ep is not allocated */
+ ep = NULL;
+ goto error;
}
argc -= 2; argv += 2;
--
2.32.0
next prev parent reply other threads:[~2021-09-08 19:20 UTC|newest]
Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-08 19:18 [for-next][PATCH 00/12] tracing: More updates for 5.15 Steven Rostedt
2021-09-08 19:18 ` [for-next][PATCH 01/12] tracing: Add migrate-disabled counter to tracing output Steven Rostedt
2021-09-08 19:18 ` Steven Rostedt [this message]
2021-09-08 19:18 ` [for-next][PATCH 03/12] tracing/osnoise: Fix missed cpus_read_unlock() in start_per_cpu_kthreads() Steven Rostedt
2021-09-08 19:18 ` [for-next][PATCH 04/12] init: bootconfig: Remove all bootconfig data when the init memory is removed Steven Rostedt
2021-09-08 19:18 ` [for-next][PATCH 05/12] init/bootconfig: Reorder init parameter from bootconfig and cmdline Steven Rostedt
2021-09-08 19:18 ` [for-next][PATCH 06/12] docs: bootconfig: Add how to use bootconfig for kernel parameters Steven Rostedt
2021-09-08 19:18 ` [for-next][PATCH 07/12] tools/bootconfig: Fix tracing_on option checking in ftrace2bconf.sh Steven Rostedt
2021-09-08 19:18 ` [for-next][PATCH 08/12] bootconfig: Fix missing return check of xbc_node_compose_key function Steven Rostedt
2021-09-08 19:28 ` Steven Rostedt
2021-09-08 19:19 ` [for-next][PATCH 09/12] tools/bootconfig: Show whole test command for each test case Steven Rostedt
2021-09-08 19:19 ` [for-next][PATCH 10/12] tracing: synth events: increase max fields count Steven Rostedt
2021-09-08 19:19 ` [for-next][PATCH 11/12] tracing: Dynamically allocate the per-elt hist_elt_data array Steven Rostedt
2021-09-08 19:19 ` [for-next][PATCH 12/12] selftests/ftrace: Exclude "(fault)" in testing add/remove eprobe events Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20210908191953.503827696@goodmis.org \
--to=rostedt@goodmis.org \
--cc=akpm@linux-foundation.org \
--cc=dan.carpenter@oracle.com \
--cc=linux-kernel@vger.kernel.org \
--cc=mingo@kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.