[PATCH] perf record: Fix failed memory allocation for get_cpuid

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] perf record: Fix failed memory allocation for get_cpuid_str
@ 2018-01-17 13:16 Thomas Richter
  2018-01-17 13:31 ` Arnaldo Carvalho de Melo
  2018-01-17 16:38 ` [tip:perf/core] " tip-bot for Thomas Richter
  0 siblings, 2 replies; 3+ messages in thread
From: Thomas Richter @ 2018-01-17 13:16 UTC (permalink / raw)
  To: linux-kernel, linux-perf-users, acme
  Cc: brueckner, schwidefsky, heiko.carstens, Thomas Richter

In x86 architecture dependend part function
get_cpuid_str() mallocs a 128 byte buffer, but does not
check if the memory allocation succeeded or not.
When the memory allocation fails, function __get_cpuid()
is called with first parameter being a NULL pointer.
However this function references its first parameter
and operates on a NULL pointer which might cause core
dumps.

Signed-off-by: Thomas Richter <tmricht@linux.vnet.ibm.com>
---
 tools/perf/arch/x86/util/header.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/perf/arch/x86/util/header.c b/tools/perf/arch/x86/util/header.c
index 33027c5e6f92..c6b5204e0280 100644
--- a/tools/perf/arch/x86/util/header.c
+++ b/tools/perf/arch/x86/util/header.c
@@ -70,7 +70,7 @@ get_cpuid_str(void)
 {
 	char *buf = malloc(128);
 
-	if (__get_cpuid(buf, 128, "%s-%u-%X$") < 0) {
+	if (buf && __get_cpuid(buf, 128, "%s-%u-%X$") < 0) {
 		free(buf);
 		return NULL;
 	}
-- 
2.13.4

^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] perf record: Fix failed memory allocation for get_cpuid_str
  2018-01-17 13:16 [PATCH] perf record: Fix failed memory allocation for get_cpuid_str Thomas Richter
@ 2018-01-17 13:31 ` Arnaldo Carvalho de Melo
  2018-01-17 16:38 ` [tip:perf/core] " tip-bot for Thomas Richter
  1 sibling, 0 replies; 3+ messages in thread
From: Arnaldo Carvalho de Melo @ 2018-01-17 13:31 UTC (permalink / raw)
  To: Thomas Richter
  Cc: linux-kernel, linux-perf-users, brueckner, schwidefsky,
	heiko.carstens

Em Wed, Jan 17, 2018 at 02:16:11PM +0100, Thomas Richter escreveu:
> In x86 architecture dependend part function
> get_cpuid_str() mallocs a 128 byte buffer, but does not
> check if the memory allocation succeeded or not.
> When the memory allocation fails, function __get_cpuid()
> is called with first parameter being a NULL pointer.
> However this function references its first parameter
> and operates on a NULL pointer which might cause core
> dumps.

Thanks, applied.

- Arnaldo
 
> Signed-off-by: Thomas Richter <tmricht@linux.vnet.ibm.com>
> ---
>  tools/perf/arch/x86/util/header.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/tools/perf/arch/x86/util/header.c b/tools/perf/arch/x86/util/header.c
> index 33027c5e6f92..c6b5204e0280 100644
> --- a/tools/perf/arch/x86/util/header.c
> +++ b/tools/perf/arch/x86/util/header.c
> @@ -70,7 +70,7 @@ get_cpuid_str(void)
>  {
>  	char *buf = malloc(128);
>  
> -	if (__get_cpuid(buf, 128, "%s-%u-%X$") < 0) {
> +	if (buf && __get_cpuid(buf, 128, "%s-%u-%X$") < 0) {
>  		free(buf);
>  		return NULL;
>  	}
> -- 
> 2.13.4

^ permalink raw reply	[flat|nested] 3+ messages in thread

* [tip:perf/core] perf record: Fix failed memory allocation for get_cpuid_str
  2018-01-17 13:16 [PATCH] perf record: Fix failed memory allocation for get_cpuid_str Thomas Richter
  2018-01-17 13:31 ` Arnaldo Carvalho de Melo
@ 2018-01-17 16:38 ` tip-bot for Thomas Richter
  1 sibling, 0 replies; 3+ messages in thread
From: tip-bot for Thomas Richter @ 2018-01-17 16:38 UTC (permalink / raw)
  To: linux-tip-commits
  Cc: hpa, schwidefsky, tglx, linux-kernel, mingo, acme, brueckner,
	heiko.carstens, tmricht

Commit-ID:  81fccd6ca507d3b2012eaf1edeb9b1dbf4bd22db
Gitweb:     https://git.kernel.org/tip/81fccd6ca507d3b2012eaf1edeb9b1dbf4bd22db
Author:     Thomas Richter <tmricht@linux.vnet.ibm.com>
AuthorDate: Wed, 17 Jan 2018 14:16:11 +0100
Committer:  Arnaldo Carvalho de Melo <acme@redhat.com>
CommitDate: Wed, 17 Jan 2018 10:31:25 -0300

perf record: Fix failed memory allocation for get_cpuid_str

In x86 architecture dependend part function get_cpuid_str() mallocs a
128 byte buffer, but does not check if the memory allocation succeeded
or not.

When the memory allocation fails, function __get_cpuid() is called with
first parameter being a NULL pointer.  However this function references
its first parameter and operates on a NULL pointer which might cause
core dumps.

Signed-off-by: Thomas Richter <tmricht@linux.vnet.ibm.com>
Cc: Heiko Carstens <heiko.carstens@de.ibm.com>
Cc: Hendrik Brueckner <brueckner@linux.vnet.ibm.com>
Cc: Martin Schwidefsky <schwidefsky@de.ibm.com>
Link: http://lkml.kernel.org/r/20180117131611.34319-1-tmricht@linux.vnet.ibm.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
 tools/perf/arch/x86/util/header.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tools/perf/arch/x86/util/header.c b/tools/perf/arch/x86/util/header.c
index b626d2b..fb0d71a 100644
--- a/tools/perf/arch/x86/util/header.c
+++ b/tools/perf/arch/x86/util/header.c
@@ -70,7 +70,7 @@ get_cpuid_str(struct perf_pmu *pmu __maybe_unused)
 {
 	char *buf = malloc(128);
 
-	if (__get_cpuid(buf, 128, "%s-%u-%X$") < 0) {
+	if (buf && __get_cpuid(buf, 128, "%s-%u-%X$") < 0) {
 		free(buf);
 		return NULL;
 	}

^ permalink raw reply related	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2018-01-17 16:39 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2018-01-17 13:16 [PATCH] perf record: Fix failed memory allocation for get_cpuid_str Thomas Richter
2018-01-17 13:31 ` Arnaldo Carvalho de Melo
2018-01-17 16:38 ` [tip:perf/core] " tip-bot for Thomas Richter

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.