Linux-Trace-Devel Archive on lore.kernel.org
 help / color / Atom feed
* [PATCH] trace-cmd: Fix possible usage of not null-terminated string
@ 2020-04-02 11:00 Tzvetomir Stoyanov (VMware)
  0 siblings, 0 replies; only message in thread
From: Tzvetomir Stoyanov (VMware) @ 2020-04-02 11:00 UTC (permalink / raw)
  To: rostedt; +Cc: linux-trace-devel

According to the
   readlink(const char *filename, char *buffer, size_t size);
documentation, the terminating '\0' is not written in the buffer.
As the buffer that is passed to this API is not initialized, this
can lead to working with not null-terminated string.
The problem was detected by valgrind.

Signed-off-by: Tzvetomir Stoyanov (VMware) <tz.stoyanov@gmail.com>
---
 lib/trace-cmd/trace-plugin.c | 1 +
 lib/trace-cmd/trace-util.c   | 1 +
 2 files changed, 2 insertions(+)

diff --git a/lib/trace-cmd/trace-plugin.c b/lib/trace-cmd/trace-plugin.c
index 6bec18bc..92f9edf3 100644
--- a/lib/trace-cmd/trace-plugin.c
+++ b/lib/trace-cmd/trace-plugin.c
@@ -199,6 +199,7 @@ static char *get_source_plugins_dir(void)
 	if (ret > PATH_MAX || ret < 0)
 		return NULL;
 
+	path[ret] = 0;
 	dirname(path);
 	p = strrchr(path, '/');
 	if (!p)
diff --git a/lib/trace-cmd/trace-util.c b/lib/trace-cmd/trace-util.c
index 04dc804c..0ead96ea 100644
--- a/lib/trace-cmd/trace-util.c
+++ b/lib/trace-cmd/trace-util.c
@@ -269,6 +269,7 @@ static char *get_source_plugins_dir(void)
 	if (ret > PATH_MAX || ret < 0)
 		return NULL;
 
+	path[ret] = 0;
 	dirname(path);
 	p = strrchr(path, '/');
 	if (!p)
-- 
2.25.1


^ permalink raw reply	[flat|nested] only message in thread

only message in thread, back to index

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2020-04-02 11:00 [PATCH] trace-cmd: Fix possible usage of not null-terminated string Tzvetomir Stoyanov (VMware)

Linux-Trace-Devel Archive on lore.kernel.org

Archives are clonable:
	git clone --mirror https://lore.kernel.org/linux-trace-devel/0 linux-trace-devel/git/0.git

	# If you have public-inbox 1.1+ installed, you may
	# initialize and index your mirror using the following commands:
	public-inbox-init -V2 linux-trace-devel linux-trace-devel/ https://lore.kernel.org/linux-trace-devel \
		linux-trace-devel@vger.kernel.org
	public-inbox-index linux-trace-devel

Example config snippet for mirrors

Newsgroup available over NNTP:
	nntp://nntp.lore.kernel.org/org.kernel.vger.linux-trace-devel


AGPL code for this site: git clone https://public-inbox.org/public-inbox.git