linux-perf-users.vger.kernel.org archive mirror
* [PATCH 0/3] perf tools: Address fixes
@ 2023-03-16 19:41 Adrian Hunter
  2023-03-16 19:41 ` [PATCH 1/3] perf symbols: Fix use-after-free in get_plt_got_name() Adrian Hunter
                   ` (4 more replies)
  0 siblings, 5 replies; 7+ messages in thread
From: Adrian Hunter @ 2023-03-16 19:41 UTC (permalink / raw)
  To: Arnaldo Carvalho de Melo
  Cc: Jiri Olsa, Namhyung Kim, Ian Rogers, linux-kernel,
	linux-perf-users

Hi

Here are 3 small fixes resulting from a report from a
kernel test robot:

https://lore.kernel.org/oe-lkp/202303061424.6ad43294-yujie.liu@intel.com

Issues were revealed due to the use of build
option:

	EXTRA_CFLAGS="-fsanitize=undefined -fsanitize=address"


Adrian Hunter (3):
      perf symbols: Fix use-after-free in get_plt_got_name()
      perf symbols: Fix unaligned access in get_x86_64_plt_disp()
      perf tools: Avoid warning in do_realloc_array_as_needed()

 tools/perf/util/symbol-elf.c | 10 ++++++++--
 tools/perf/util/util.c       |  3 ++-
 2 files changed, 10 insertions(+), 3 deletions(-)


Regards
Adrian


* [PATCH 1/3] perf symbols: Fix use-after-free in get_plt_got_name()
  2023-03-16 19:41 [PATCH 0/3] perf tools: Address fixes Adrian Hunter
@ 2023-03-16 19:41 ` Adrian Hunter
  2023-03-16 19:41 ` [PATCH 2/3] perf symbols: Fix unaligned access in get_x86_64_plt_disp() Adrian Hunter
                   ` (3 subsequent siblings)
  4 siblings, 0 replies; 7+ messages in thread
From: Adrian Hunter @ 2023-03-16 19:41 UTC (permalink / raw)
  To: Arnaldo Carvalho de Melo
  Cc: Jiri Olsa, Namhyung Kim, Ian Rogers, linux-kernel,
	linux-perf-users

Fix use-after-free in get_plt_got_name().

Discovered using EXTRA_CFLAGS="-fsanitize=undefined -fsanitize=address".

Reported-by: kernel test robot <yujie.liu@intel.com>
Link: https://lore.kernel.org/oe-lkp/202303061424.6ad43294-yujie.liu@intel.com
Fixes: ce4c8e7966f3 ("perf symbols: Get symbols for .plt.got for x86-64")
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
---
 tools/perf/util/symbol-elf.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tools/perf/util/symbol-elf.c b/tools/perf/util/symbol-elf.c
index c0a2de42c51b..7ef5f6d7d415 100644
--- a/tools/perf/util/symbol-elf.c
+++ b/tools/perf/util/symbol-elf.c
@@ -557,6 +557,7 @@ static bool get_plt_got_name(GElf_Shdr *shdr, size_t i,
 	const char *sym_name;
 	char *demangled;
 	GElf_Sym sym;
+	bool result;
 	u32 disp;
 
 	if (!di->sorted)
@@ -583,9 +584,11 @@ static bool get_plt_got_name(GElf_Shdr *shdr, size_t i,
 
 	snprintf(buf, buf_sz, "%s@plt", sym_name);
 
+	result = *sym_name;
+
 	free(demangled);
 
-	return *sym_name;
+	return result;
 }
 
 static int dso__synthesize_plt_got_symbols(struct dso *dso, Elf *elf,
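Review bot: `result = *sym_name;` stores a char into a bool through implicit conversion, which hides that the return value means "the name is non-empty"; `result = *sym_name != '\0';` would state that intent. What makes the fix work is that the read now happens before `free(demangled)`, yet nothing in the visible lines says that sym_name can point at the demangled buffer. A one-line comment above the assignment would keep a later cleanup from folding it back into `return *sym_name;`, and the commit message could name that aliasing as the cause.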
-- 
2.34.1



* [PATCH 2/3] perf symbols: Fix unaligned access in get_x86_64_plt_disp()
  2023-03-16 19:41 [PATCH 0/3] perf tools: Address fixes Adrian Hunter
  2023-03-16 19:41 ` [PATCH 1/3] perf symbols: Fix use-after-free in get_plt_got_name() Adrian Hunter
@ 2023-03-16 19:41 ` Adrian Hunter
  2023-03-16 19:41 ` [PATCH 3/3] perf tools: Avoid warning in do_realloc_array_as_needed() Adrian Hunter
                   ` (2 subsequent siblings)
  4 siblings, 0 replies; 7+ messages in thread
From: Adrian Hunter @ 2023-03-16 19:41 UTC (permalink / raw)
  To: Arnaldo Carvalho de Melo
  Cc: Jiri Olsa, Namhyung Kim, Ian Rogers, linux-kernel,
	linux-perf-users

Use memcpy() to avoid unaligned access.

Discovered using EXTRA_CFLAGS="-fsanitize=undefined -fsanitize=address".

Reported-by: kernel test robot <yujie.liu@intel.com>
Link: https://lore.kernel.org/oe-lkp/202303061424.6ad43294-yujie.liu@intel.com
Fixes: ce4c8e7966f3 ("perf symbols: Get symbols for .plt.got for x86-64")
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
---
 tools/perf/util/symbol-elf.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/tools/perf/util/symbol-elf.c b/tools/perf/util/symbol-elf.c
index 7ef5f6d7d415..ae810d4cf3cd 100644
--- a/tools/perf/util/symbol-elf.c
+++ b/tools/perf/util/symbol-elf.c
@@ -542,9 +542,12 @@ static u32 get_x86_64_plt_disp(const u8 *p)
 		n += 1;
 	/* jmp with 4-byte displacement */
 	if (p[n] == 0xff && p[n + 1] == 0x25) {
+		u32 disp;
+
 		n += 2;
 		/* Also add offset from start of entry to end of instruction */
-		return n + 4 + le32toh(*(const u32 *)(p + n));
+		memcpy(&disp, p + n, sizeof(disp));
+		return n + 4 + le32toh(disp);
 	}
 	return 0;
 }
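Review bot: The `memcpy(&disp, p + n, sizeof(disp))` read takes four bytes starting at p + n, but get_x86_64_plt_disp() receives only `const u8 *p` with no length, so nothing in this hunk bounds that read (or the preceding `p[n]` and `p[n + 1]` tests) against the end of the PLT entry data. The memcpy() does resolve the alignment problem; it would be worth confirming that every caller guarantees at least n + 4 readable bytes, or passing the entry size in and returning 0 when the entry is too short.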
-- 
2.34.1



* [PATCH 3/3] perf tools: Avoid warning in do_realloc_array_as_needed()
  2023-03-16 19:41 [PATCH 0/3] perf tools: Address fixes Adrian Hunter
  2023-03-16 19:41 ` [PATCH 1/3] perf symbols: Fix use-after-free in get_plt_got_name() Adrian Hunter
  2023-03-16 19:41 ` [PATCH 2/3] perf symbols: Fix unaligned access in get_x86_64_plt_disp() Adrian Hunter
@ 2023-03-16 19:41 ` Adrian Hunter
  2023-03-16 21:21 ` [PATCH 0/3] perf tools: Address fixes Ian Rogers
  2023-03-29  5:07 ` Adrian Hunter
  4 siblings, 0 replies; 7+ messages in thread
From: Adrian Hunter @ 2023-03-16 19:41 UTC (permalink / raw)
  To: Arnaldo Carvalho de Melo
  Cc: Jiri Olsa, Namhyung Kim, Ian Rogers, linux-kernel,
	linux-perf-users

do_realloc_array_as_needed() used memcpy() of zero size with a NULL
pointer. Check the size first to avoid sanitize warning.

Discovered using EXTRA_CFLAGS="-fsanitize=undefined -fsanitize=address".

Reported-by: kernel test robot <yujie.liu@intel.com>
Link: https://lore.kernel.org/oe-lkp/202303061424.6ad43294-yujie.liu@intel.com
Signed-off-by: Adrian Hunter <adrian.hunter@intel.com>
---
 tools/perf/util/util.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/tools/perf/util/util.c b/tools/perf/util/util.c
index b356c9f7f0c3..089208b51e68 100644
--- a/tools/perf/util/util.c
+++ b/tools/perf/util/util.c
@@ -524,7 +524,8 @@ int do_realloc_array_as_needed(void **arr, size_t *arr_sz, size_t x, size_t msz,
 	new_arr = calloc(new_sz, msz);
 	if (!new_arr)
 		return -ENOMEM;
-	memcpy(new_arr, *arr, *arr_sz * msz);
+	if (*arr_sz)
+		memcpy(new_arr, *arr, *arr_sz * msz);
 	if (init_val) {
 		for (i = *arr_sz; i < new_sz; i++)
 			memcpy(new_arr + (i * msz), init_val, msz);
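Review bot: The new `if (*arr_sz)` guard tests the length, while the behaviour being avoided comes from the pointer: memcpy() with a NULL source is undefined even when the size is zero. The guard is therefore sufficient only under the invariant that *arr is non-NULL whenever *arr_sz is non-zero. A short comment stating that invariant, or testing `*arr` itself, would make the assumption visible to the next reader and keep the check from being removed as redundant.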
-- 
2.34.1



* Re: [PATCH 0/3] perf tools: Address fixes
  2023-03-16 19:41 [PATCH 0/3] perf tools: Address fixes Adrian Hunter
                   ` (2 preceding siblings ...)
  2023-03-16 19:41 ` [PATCH 3/3] perf tools: Avoid warning in do_realloc_array_as_needed() Adrian Hunter
@ 2023-03-16 21:21 ` Ian Rogers
  2023-03-29  5:07 ` Adrian Hunter
  4 siblings, 0 replies; 7+ messages in thread
From: Ian Rogers @ 2023-03-16 21:21 UTC (permalink / raw)
  To: Adrian Hunter
  Cc: Arnaldo Carvalho de Melo, Jiri Olsa, Namhyung Kim, linux-kernel,
	linux-perf-users

On Thu, Mar 16, 2023 at 12:42 PM Adrian Hunter <adrian.hunter@intel.com> wrote:
>
> Hi
>
> Here are 3 small fixes resulting from a report from a
> kernel test robot:
>
> https://lore.kernel.org/oe-lkp/202303061424.6ad43294-yujie.liu@intel.com
>
> Issues were revealed due to the use of build
> option:
>
>         EXTRA_CFLAGS="-fsanitize=undefined -fsanitize=address"
>
>
> Adrian Hunter (3):
>       perf symbols: Fix use-after-free in get_plt_got_name()
>       perf symbols: Fix unaligned access in get_x86_64_plt_disp()
>       perf tools: Avoid warning in do_realloc_array_as_needed()

All 3:
Acked-by: Ian Rogers <irogers@google.com>

Thanks,
Ian

>  tools/perf/util/symbol-elf.c | 10 ++++++++--
>  tools/perf/util/util.c       |  3 ++-
>  2 files changed, 10 insertions(+), 3 deletions(-)
>
>
> Regards
> Adrian


* Re: [PATCH 0/3] perf tools: Address fixes
  2023-03-16 19:41 [PATCH 0/3] perf tools: Address fixes Adrian Hunter
                   ` (3 preceding siblings ...)
  2023-03-16 21:21 ` [PATCH 0/3] perf tools: Address fixes Ian Rogers
@ 2023-03-29  5:07 ` Adrian Hunter
  2023-03-29 12:39   ` Arnaldo Carvalho de Melo
  4 siblings, 1 reply; 7+ messages in thread
From: Adrian Hunter @ 2023-03-29  5:07 UTC (permalink / raw)
  To: Arnaldo Carvalho de Melo
  Cc: Jiri Olsa, Namhyung Kim, Ian Rogers, linux-kernel,
	linux-perf-users

On 16/03/23 21:41, Adrian Hunter wrote:
> Hi
> 
> Here are 3 small fixes resulting from a report from a
> kernel test robot:
> 
> https://lore.kernel.org/oe-lkp/202303061424.6ad43294-yujie.liu@intel.com
> 
> Issues were revealed due to the use of build
> option:
> 
> 	EXTRA_CFLAGS="-fsanitize=undefined -fsanitize=address"
> 
> 
> Adrian Hunter (3):
>       perf symbols: Fix use-after-free in get_plt_got_name()
>       perf symbols: Fix unaligned access in get_x86_64_plt_disp()
>       perf tools: Avoid warning in do_realloc_array_as_needed()
> 
>  tools/perf/util/symbol-elf.c | 10 ++++++++--
>  tools/perf/util/util.c       |  3 ++-
>  2 files changed, 10 insertions(+), 3 deletions(-)

These seem to be still outstanding.



* Re: [PATCH 0/3] perf tools: Address fixes
  2023-03-29  5:07 ` Adrian Hunter
@ 2023-03-29 12:39   ` Arnaldo Carvalho de Melo
  0 siblings, 0 replies; 7+ messages in thread
From: Arnaldo Carvalho de Melo @ 2023-03-29 12:39 UTC (permalink / raw)
  To: Adrian Hunter
  Cc: Jiri Olsa, Namhyung Kim, Ian Rogers, linux-kernel,
	linux-perf-users

On Wed, Mar 29, 2023 at 08:07:42AM +0300, Adrian Hunter wrote:
> On 16/03/23 21:41, Adrian Hunter wrote:
> > Hi
> > 
> > Here are 3 small fixes resulting from a report from a
> > kernel test robot:
> > 
> > https://lore.kernel.org/oe-lkp/202303061424.6ad43294-yujie.liu@intel.com
> > 
> > Issues were revealed due to the use of build
> > option:
> > 
> > 	EXTRA_CFLAGS="-fsanitize=undefined -fsanitize=address"
> > 
> > 
> > Adrian Hunter (3):
> >       perf symbols: Fix use-after-free in get_plt_got_name()
> >       perf symbols: Fix unaligned access in get_x86_64_plt_disp()
> >       perf tools: Avoid warning in do_realloc_array_as_needed()
> > 
> >  tools/perf/util/symbol-elf.c | 10 ++++++++--
> >  tools/perf/util/util.c       |  3 ++-
> >  2 files changed, 10 insertions(+), 3 deletions(-)
> 
> These seem to be still outstanding.

Thanks for the reminder, applied.

- Arnaldo

