[PATCH 09/12] perf header: Fix divide by zero error if f_header.attr_size==0

All of lore.kernel.org
 help / color / mirror / Atom feed

From: Arnaldo Carvalho de Melo <acme@kernel.org>
To: Ingo Molnar <mingo@kernel.org>, Thomas Gleixner <tglx@linutronix.de>
Cc: Jiri Olsa <jolsa@kernel.org>, Namhyung Kim <namhyung@kernel.org>,
	Clark Williams <williams@redhat.com>,
	linux-kernel@vger.kernel.org, linux-perf-users@vger.kernel.org,
	Vince Weaver <vincent.weaver@maine.edu>,
	Alexander Shishkin <alexander.shishkin@linux.intel.com>,
	Jiri Olsa <jolsa@redhat.com>,
	Peter Zijlstra <peterz@infradead.org>,
	Arnaldo Carvalho de Melo <acme@redhat.com>
Subject: [PATCH 09/12] perf header: Fix divide by zero error if f_header.attr_size==0
Date: Mon, 29 Jul 2019 18:14:56 -0300	[thread overview]
Message-ID: <20190729211456.6380-10-acme@kernel.org> (raw)
In-Reply-To: <20190729211456.6380-1-acme@kernel.org>

From: Vince Weaver <vincent.weaver@maine.edu>

So I have been having lots of trouble with hand-crafted perf.data files
causing segfaults and the like, so I have started fuzzing the perf tool.

First issue found:

If f_header.attr_size is 0 in the perf.data file, then perf will crash
with a divide-by-zero error.

Committer note:

Added a pr_err() to tell the user why the command failed.

Signed-off-by: Vince Weaver <vincent.weaver@maine.edu>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Jiri Olsa <jolsa@redhat.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: http://lkml.kernel.org/r/alpine.DEB.2.21.1907231100440.14532@macbook-air
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
---
 tools/perf/util/header.c | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c
index 20111f8da5cb..47877f0f6667 100644
--- a/tools/perf/util/header.c
+++ b/tools/perf/util/header.c
@@ -3559,6 +3559,13 @@ int perf_session__read_header(struct perf_session *session)
 			   data->file.path);
 	}
 
+	if (f_header.attr_size == 0) {
+		pr_err("ERROR: The %s file's attr size field is 0 which is unexpected.\n"
+		       "Was the 'perf record' command properly terminated?\n",
+		       data->file.path);
+		return -EINVAL;
+	}
+
 	nr_attrs = f_header.attrs.size / f_header.attr_size;
 	lseek(fd, f_header.attrs.offset, SEEK_SET);
 
-- 
2.21.0

next prev parent reply	other threads:[~2019-07-29 21:14 UTC|newest]

Thread overview: 13+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2019-07-29 21:14 [GIT PULL] perf/urgent fixes Arnaldo Carvalho de Melo
2019-07-29 21:14 ` [PATCH 01/12] tools include UAPI: Sync x86's syscalls_64.tbl and generic unistd.h to pick up clone3 and pidfd_open Arnaldo Carvalho de Melo
2019-08-01 19:54   ` Christian Brauner
2019-07-29 21:14 ` [PATCH 02/12] tools headers UAPI: Update tools's copy of kvm.h headers Arnaldo Carvalho de Melo
2019-07-29 21:14 ` [PATCH 03/12] tools headers UAPI: Update tools's copy of mman.h headers Arnaldo Carvalho de Melo
2019-07-29 21:14 ` [PATCH 04/12] tools headers UAPI: Update tools's copy of drm.h headers Arnaldo Carvalho de Melo
2019-07-29 21:14 ` [PATCH 05/12] tools perf beauty: Fix usbdevfs_ioctl table generator to handle _IOC() Arnaldo Carvalho de Melo
2019-07-29 21:14 ` [PATCH 06/12] tools headers UAPI: Sync usbdevice_fs.h with the kernels to get new ioctl Arnaldo Carvalho de Melo
2019-07-29 21:14 ` [PATCH 07/12] tools headers UAPI: Sync sched.h with the kernel Arnaldo Carvalho de Melo
2019-08-01 19:55   ` Christian Brauner
2019-07-29 21:14 ` [PATCH 08/12] tools headers UAPI: Sync if_link.h " Arnaldo Carvalho de Melo
2019-07-29 21:14 ` Arnaldo Carvalho de Melo [this message]
2019-07-29 21:24 ` [GIT PULL] perf/urgent fixes Ingo Molnar

find likely ancestor, descendant, or conflicting patches for this message:
( dfblob:20111f8da5c dfblob:47877f0f666 )
 OR (
bs:"[PATCH 09/12] perf header: Fix divide by zero error if f_header.attr_size==0" )
	(help)

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20190729211456.6380-10-acme@kernel.org \
    --to=acme@kernel.org \
    --cc=acme@redhat.com \
    --cc=alexander.shishkin@linux.intel.com \
    --cc=jolsa@kernel.org \
    --cc=jolsa@redhat.com \
    --cc=linux-kernel@vger.kernel.org \
    --cc=linux-perf-users@vger.kernel.org \
    --cc=mingo@kernel.org \
    --cc=namhyung@kernel.org \
    --cc=peterz@infradead.org \
    --cc=tglx@linutronix.de \
    --cc=vincent.weaver@maine.edu \
    --cc=williams@redhat.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.