* [PATCH v1] perf symbol-minimal: Be more defensive when reading build IDs
@ 2025-09-14 18:31 Ian Rogers
2025-10-02 18:02 ` Arnaldo Carvalho de Melo
0 siblings, 1 reply; 2+ messages in thread
From: Ian Rogers @ 2025-09-14 18:31 UTC (permalink / raw)
To: Peter Zijlstra, Ingo Molnar, Arnaldo Carvalho de Melo,
Namhyung Kim, Mark Rutland, Alexander Shishkin, Jiri Olsa,
Ian Rogers, Adrian Hunter, Kan Liang, linux-perf-users,
linux-kernel
The note_data at ptr is read as a nhdr but this may yield
out-of-bounds reads if there isn't nhdrs worth of data. Be more
defensive before doing the reads. This is motivated by address
sanitizer capturing out of bounds reads running "perf top".
Signed-off-by: Ian Rogers <irogers@google.com>
---
tools/perf/util/symbol-minimal.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/util/symbol-minimal.c b/tools/perf/util/symbol-minimal.c
index 41e4ebe5eac5..aeb253248895 100644
--- a/tools/perf/util/symbol-minimal.c
+++ b/tools/perf/util/symbol-minimal.c
@@ -42,7 +42,7 @@ static int read_build_id(void *note_data, size_t note_len, struct build_id *bid,
void *ptr;
ptr = note_data;
- while (ptr < (note_data + note_len)) {
+ while ((ptr + sizeof(*nhdr)) < (note_data + note_len)) {
const char *name;
size_t namesz, descsz;
--
2.51.0.384.g4c02a37b29-goog
^ permalink raw reply related [flat|nested] 2+ messages in thread
* Re: [PATCH v1] perf symbol-minimal: Be more defensive when reading build IDs
2025-09-14 18:31 [PATCH v1] perf symbol-minimal: Be more defensive when reading build IDs Ian Rogers
@ 2025-10-02 18:02 ` Arnaldo Carvalho de Melo
0 siblings, 0 replies; 2+ messages in thread
From: Arnaldo Carvalho de Melo @ 2025-10-02 18:02 UTC (permalink / raw)
To: Ian Rogers
Cc: Peter Zijlstra, Ingo Molnar, Namhyung Kim, Mark Rutland,
Alexander Shishkin, Jiri Olsa, Adrian Hunter, Kan Liang,
linux-perf-users, linux-kernel
On Sun, Sep 14, 2025 at 11:31:31AM -0700, Ian Rogers wrote:
> The note_data at ptr is read as a nhdr but this may yield
> out-of-bounds reads if there isn't nhdrs worth of data. Be more
> defensive before doing the reads. This is motivated by address
> sanitizer capturing out of bounds reads running "perf top".
Thanks, applied to perf-tools-next,
- Arnaldo
> Signed-off-by: Ian Rogers <irogers@google.com>
> ---
> tools/perf/util/symbol-minimal.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/util/symbol-minimal.c b/tools/perf/util/symbol-minimal.c
> index 41e4ebe5eac5..aeb253248895 100644
> --- a/tools/perf/util/symbol-minimal.c
> +++ b/tools/perf/util/symbol-minimal.c
> @@ -42,7 +42,7 @@ static int read_build_id(void *note_data, size_t note_len, struct build_id *bid,
> void *ptr;
>
> ptr = note_data;
> - while (ptr < (note_data + note_len)) {
> + while ((ptr + sizeof(*nhdr)) < (note_data + note_len)) {
> const char *name;
> size_t namesz, descsz;
>
> --
> 2.51.0.384.g4c02a37b29-goog
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-10-02 18:02 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2025-09-14 18:31 [PATCH v1] perf symbol-minimal: Be more defensive when reading build IDs Ian Rogers
2025-10-02 18:02 ` Arnaldo Carvalho de Melo
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).