From: Namhyung Kim <namhyung@kernel.org>
To: linux-trace-devel@vger.kernel.org
Cc: Ian Rogers <irogers@google.com>
Subject: [PATCH] libtraceevent: Reset field properly in event_read_fields()
Date: Mon, 6 Jun 2022 21:59:25 -0700 [thread overview]
Message-ID: <20220607045925.814164-1-namhyung@kernel.org> (raw)
The field pointer is allocated and added to the fields list in a
loop. But it might refer the previous one if it fails to parse before
allocating a new one.
In that case, it would free the previous field but didn't update the
link of the list for the one before it. Moreover, it doesn't need to
free the previous one as it finished ok. Let's reset the field
pointer at the end of each iteration so that it cannot see the
previous one.
This was found by a fuzz test with an event having only one field.
Signed-off-by: Namhyung Kim <namhyung@kernel.org>
---
src/event-parse.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/src/event-parse.c b/src/event-parse.c
index 8f4fb59..1ba2a78 100644
--- a/src/event-parse.c
+++ b/src/event-parse.c
@@ -1902,6 +1902,7 @@ static int event_read_fields(struct tep_event *event, struct tep_format_field **
*fields = field;
fields = &field->next;
+ field = NULL;
} while (1);
--
2.36.1.255.ge46751e96f-goog
next reply other threads:[~2022-06-07 4:59 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-06-07 4:59 Namhyung Kim [this message]
2022-06-08 15:17 ` [PATCH] libtraceevent: Reset field properly in event_read_fields() Steven Rostedt
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20220607045925.814164-1-namhyung@kernel.org \
--to=namhyung@kernel.org \
--cc=irogers@google.com \
--cc=linux-trace-devel@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).