[PATCH v1] perf pmu: Avoid uninitialized use of alias->str

linux-perf-users.vger.kernel.org archive mirror
 help / color / mirror / Atom feed

* [PATCH v1] perf pmu: Avoid uninitialized use of alias->str
@ 2023-08-30  0:05 Ian Rogers
  2023-08-30  2:23 ` Namhyung Kim
  0 siblings, 1 reply; 3+ messages in thread
From: Ian Rogers @ 2023-08-30  0:05 UTC (permalink / raw)
  To: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
	Mark Rutland, Alexander Shishkin, Jiri Olsa, Namhyung Kim,
	Ian Rogers, Adrian Hunter, Kan Liang, James Clark,
	linux-perf-users, linux-kernel, Sumanth Korikkar, Thomas Richter,
	Jing Zhang

alias is allocated with malloc allowing uninitialized memory to be
accessed. The initialization of str was moved late after it could have
been updated by a JSON event, however, this create a potential for an
uninitialized use. Fix this by assigning str to NULL early. Testing on
ARM (Raspberry Pi) showed a memory leak in the same code so add a
zfree.

Fixes: f63a536f03a2 ("perf pmu: Merge JSON events with sysfs at load time")
Signed-off-by: Ian Rogers <irogers@google.com>
---
 tools/perf/util/pmu.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/tools/perf/util/pmu.c b/tools/perf/util/pmu.c
index cde33e01959a..b3f8f3f1e900 100644
--- a/tools/perf/util/pmu.c
+++ b/tools/perf/util/pmu.c
@@ -532,6 +532,7 @@ static int perf_pmu__new_alias(struct perf_pmu *pmu, const char *name,
 	if (!alias)
 		return -ENOMEM;
 
+	alias->str = NULL;
 	INIT_LIST_HEAD(&alias->terms);
 	alias->scale = 1.0;
 	alias->unit[0] = '\0';
@@ -593,6 +594,7 @@ static int perf_pmu__new_alias(struct perf_pmu *pmu, const char *name,
 			ret += scnprintf(newval + ret, sizeof(newval) - ret,
 					 "%s=%s", term->config, term->val.str);
 	}
+	zfree(&alias->str);
 	alias->str = strdup(newval);
 	if (!pe)
 		pmu->sysfs_aliases++;
-- 
2.42.0.rc2.253.gd59a3bf2b4-goog


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH v1] perf pmu: Avoid uninitialized use of alias->str
  2023-08-30  0:05 [PATCH v1] perf pmu: Avoid uninitialized use of alias->str Ian Rogers
@ 2023-08-30  2:23 ` Namhyung Kim
  2023-08-30 15:48   ` Arnaldo Carvalho de Melo
  0 siblings, 1 reply; 3+ messages in thread
From: Namhyung Kim @ 2023-08-30  2:23 UTC (permalink / raw)
  To: Ian Rogers
  Cc: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
	Mark Rutland, Alexander Shishkin, Jiri Olsa, Adrian Hunter,
	Kan Liang, James Clark, linux-perf-users, linux-kernel,
	Sumanth Korikkar, Thomas Richter, Jing Zhang

Hi Ian,

On Tue, Aug 29, 2023 at 5:05 PM Ian Rogers <irogers@google.com> wrote:
>
> alias is allocated with malloc allowing uninitialized memory to be
> accessed. The initialization of str was moved late after it could have
> been updated by a JSON event, however, this create a potential for an
> uninitialized use. Fix this by assigning str to NULL early. Testing on
> ARM (Raspberry Pi) showed a memory leak in the same code so add a
> zfree.
>
> Fixes: f63a536f03a2 ("perf pmu: Merge JSON events with sysfs at load time")
> Signed-off-by: Ian Rogers <irogers@google.com>

Acked-by: Namhyung Kim <namhyung@kernel.org>

Thanks,
Namhyung


> ---
>  tools/perf/util/pmu.c | 2 ++
>  1 file changed, 2 insertions(+)
>
> diff --git a/tools/perf/util/pmu.c b/tools/perf/util/pmu.c
> index cde33e01959a..b3f8f3f1e900 100644
> --- a/tools/perf/util/pmu.c
> +++ b/tools/perf/util/pmu.c
> @@ -532,6 +532,7 @@ static int perf_pmu__new_alias(struct perf_pmu *pmu, const char *name,
>         if (!alias)
>                 return -ENOMEM;
>
> +       alias->str = NULL;
>         INIT_LIST_HEAD(&alias->terms);
>         alias->scale = 1.0;
>         alias->unit[0] = '\0';
> @@ -593,6 +594,7 @@ static int perf_pmu__new_alias(struct perf_pmu *pmu, const char *name,
>                         ret += scnprintf(newval + ret, sizeof(newval) - ret,
>                                          "%s=%s", term->config, term->val.str);
>         }
> +       zfree(&alias->str);
>         alias->str = strdup(newval);
>         if (!pe)
>                 pmu->sysfs_aliases++;
> --
> 2.42.0.rc2.253.gd59a3bf2b4-goog
>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH v1] perf pmu: Avoid uninitialized use of alias->str
  2023-08-30  2:23 ` Namhyung Kim
@ 2023-08-30 15:48   ` Arnaldo Carvalho de Melo
  0 siblings, 0 replies; 3+ messages in thread
From: Arnaldo Carvalho de Melo @ 2023-08-30 15:48 UTC (permalink / raw)
  To: Namhyung Kim
  Cc: Ian Rogers, Peter Zijlstra, Ingo Molnar, Mark Rutland,
	Alexander Shishkin, Jiri Olsa, Adrian Hunter, Kan Liang,
	James Clark, linux-perf-users, linux-kernel, Sumanth Korikkar,
	Thomas Richter, Jing Zhang

Em Tue, Aug 29, 2023 at 07:23:58PM -0700, Namhyung Kim escreveu:
> Hi Ian,
> 
> On Tue, Aug 29, 2023 at 5:05 PM Ian Rogers <irogers@google.com> wrote:
> >
> > alias is allocated with malloc allowing uninitialized memory to be
> > accessed. The initialization of str was moved late after it could have
> > been updated by a JSON event, however, this create a potential for an
> > uninitialized use. Fix this by assigning str to NULL early. Testing on
> > ARM (Raspberry Pi) showed a memory leak in the same code so add a
> > zfree.
> >
> > Fixes: f63a536f03a2 ("perf pmu: Merge JSON events with sysfs at load time")
> > Signed-off-by: Ian Rogers <irogers@google.com>
> 
> Acked-by: Namhyung Kim <namhyung@kernel.org>

Thanks, applied.

- Arnaldo
 
> Thanks,
> Namhyung
> 
> 
> > ---
> >  tools/perf/util/pmu.c | 2 ++
> >  1 file changed, 2 insertions(+)
> >
> > diff --git a/tools/perf/util/pmu.c b/tools/perf/util/pmu.c
> > index cde33e01959a..b3f8f3f1e900 100644
> > --- a/tools/perf/util/pmu.c
> > +++ b/tools/perf/util/pmu.c
> > @@ -532,6 +532,7 @@ static int perf_pmu__new_alias(struct perf_pmu *pmu, const char *name,
> >         if (!alias)
> >                 return -ENOMEM;
> >
> > +       alias->str = NULL;
> >         INIT_LIST_HEAD(&alias->terms);
> >         alias->scale = 1.0;
> >         alias->unit[0] = '\0';
> > @@ -593,6 +594,7 @@ static int perf_pmu__new_alias(struct perf_pmu *pmu, const char *name,
> >                         ret += scnprintf(newval + ret, sizeof(newval) - ret,
> >                                          "%s=%s", term->config, term->val.str);
> >         }
> > +       zfree(&alias->str);
> >         alias->str = strdup(newval);
> >         if (!pe)
> >                 pmu->sysfs_aliases++;
> > --
> > 2.42.0.rc2.253.gd59a3bf2b4-goog
> >

-- 

- Arnaldo

^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2023-08-30 18:35 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2023-08-30  0:05 [PATCH v1] perf pmu: Avoid uninitialized use of alias->str Ian Rogers
2023-08-30  2:23 ` Namhyung Kim
2023-08-30 15:48   ` Arnaldo Carvalho de Melo

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).