From: Jerome Marchand <jmarchan@redhat.com>
To: Steven Rostedt <rostedt@goodmis.org>
Cc: Linux Trace Devel <linux-trace-devel@vger.kernel.org>
Subject: Re: [PATCH 15/38] trace-cmd lib: check the return value of do_lssek() in trace_get_options()
Date: Tue, 29 Oct 2024 07:31:32 +0100 [thread overview]
Message-ID: <df309ae5-e97d-4d9e-8df7-b65a7e2fd67e@redhat.com> (raw)
In-Reply-To: <20240717171030.03117c8f@rorschach.local.home>
On 17/07/2024 23:10, Steven Rostedt wrote:
>
> Note the subject has a typo "lssek".
>
>
> On Wed, 5 Jun 2024 15:40:30 +0200
> "Jerome Marchand" <jmarchan@redhat.com> wrote:
>
>> Check that do_lseek doesn't fail before calling malloc() with a -1
>> argument.
>>
>> This is flagged as an overrun error (CWE-119) by static anaysis
>> because of the call to read() later, but I don't imagine that malloc
>> would succeed.
>>
>> Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
>> ---
>> lib/trace-cmd/trace-output.c | 2 ++
>> 1 file changed, 2 insertions(+)
>>
>> diff --git a/lib/trace-cmd/trace-output.c b/lib/trace-cmd/trace-output.c
>> index 5ba0a145..35904620 100644
>> --- a/lib/trace-cmd/trace-output.c
>> +++ b/lib/trace-cmd/trace-output.c
>> @@ -2069,6 +2069,8 @@ __hidden void *trace_get_options(struct tracecmd_output *handle, size_t *len)
>> }
>>
>> offset = do_lseek(&out_handle, 0, SEEK_CUR);
>> + if(offset == (off_t)-1)
>
> Nit, the above has whitespace issues:
>
> if (offset == (off_t)-1)
>
> Could you resend this?
Will do.
Jerome
>
> Thanks,
>
> -- Steve
>
>> + goto out;
>> buf = malloc(offset);
>> if (!buf)
>> goto out;
>
next prev parent reply other threads:[~2024-10-29 6:31 UTC|newest]
Thread overview: 68+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-06-05 13:40 [PATCH 00/38] trace-cmd: fix misc issues found by static analysis Jerome Marchand
2024-06-05 13:40 ` [PATCH 01/38] trace-cmd listen: close ofd before exiting process_client() Jerome Marchand
2024-06-05 13:40 ` [PATCH 02/38] trace-cmd msg: prevent a memory leak in get_trace_req_args() Jerome Marchand
2024-06-05 13:40 ` [PATCH 03/38] trace-cmd lib: prevent a memory leak in read_header_files() Jerome Marchand
2024-06-05 13:40 ` [PATCH 04/38] trace-cmd: call dlclose() in the error path of load_plugin() Jerome Marchand
2024-06-05 13:40 ` [PATCH 05/38] trace-cmd lib: prevent possible memory coruption in add_plugin_file() Jerome Marchand
2024-06-05 13:40 ` [PATCH 06/38] trace-cmd lib: prevent a memory leak in handle_options() Jerome Marchand
2024-07-17 20:27 ` Steven Rostedt
2024-06-05 13:40 ` [PATCH 07/38] trace-cmd lib: prevent a memory leak in regex_event_buf() Jerome Marchand
2024-06-05 13:40 ` [PATCH 08/38] trace-cmd lib: prevent a memory leak in create_event_list_item() Jerome Marchand
2024-07-17 20:31 ` Steven Rostedt
2024-10-29 6:26 ` Jerome Marchand
2024-06-05 13:40 ` [PATCH 09/38] trace-cmd lib: prevent a memory leak in read_ftrace_printk() Jerome Marchand
2024-06-05 13:40 ` [PATCH 10/38] trace-cmd: don't print a NULL string in append_pid_filter() Jerome Marchand
2024-06-05 13:40 ` [PATCH 11/38] trace-cmd record: prevent possible memory coruption in get_pid_addr_maps() Jerome Marchand
2024-06-05 13:40 ` [PATCH 12/38] trace-cmd hist: close tracecmd handle when trace_hist() exits early Jerome Marchand
2024-06-05 13:40 ` [PATCH 13/38] trace-cmd record: prevent a memory leak in show_error() Jerome Marchand
2024-07-17 20:51 ` Steven Rostedt
2024-10-29 6:31 ` Jerome Marchand
2024-06-05 13:40 ` [PATCH 14/38] trace-cmd record: prevent memory leak in update_pid_filters() Jerome Marchand
2024-06-05 13:40 ` [PATCH 15/38] trace-cmd lib: check the return value of do_lssek() in trace_get_options() Jerome Marchand
2024-07-17 21:10 ` Steven Rostedt
2024-10-29 6:31 ` Jerome Marchand [this message]
2024-06-05 13:40 ` [PATCH 16/38] trace-cmd lib: don't double close a file descriptor in read_header_files() Jerome Marchand
2024-06-05 13:40 ` [PATCH 17/38] trace-cmd lib: prevent memory leak in ptp_clock_server() Jerome Marchand
2024-06-05 13:40 ` [PATCH 18/38] trace-cmd lib: remove useless code in tracecmd_plog() Jerome Marchand
2024-06-05 13:40 ` [PATCH 19/38] trace-cmd record: prevent memory leak in add_all_instances() Jerome Marchand
2024-06-05 13:40 ` [PATCH 20/38] trace-cmd lib: check for a negative return value of read in tracecmd_compress_copy_from() Jerome Marchand
2024-06-05 13:40 ` [PATCH 21/38] trace-cmd record: prevent memory leak in clear_func_filter() Jerome Marchand
2024-06-05 13:40 ` [PATCH 22/38] trace-cmd dump: prevent buffer overrun in dump_clock() Jerome Marchand
2024-07-17 22:55 ` Steven Rostedt
2024-10-29 6:31 ` Jerome Marchand
2024-06-05 13:40 ` [PATCH 23/38] trace-cmd lib: prevent buffer overrun in read_string() Jerome Marchand
2024-07-18 0:08 ` Steven Rostedt
2024-06-05 13:40 ` [PATCH 24/38] trace-cmd: close file descriptor in trace_vsock_make() Jerome Marchand
2024-06-05 13:40 ` [PATCH 25/38] trace-cmd lib: prevent memory leak in glob_events() Jerome Marchand
2024-06-05 13:40 ` [PATCH 26/38] trace-cmd record: don't print a NULL string in get_temp_file() Jerome Marchand
2024-06-05 13:40 ` [PATCH 27/38] trace-cmd lib: prevent a possible file descriptor leak in set_proc_kptr_restrict() Jerome Marchand
2024-06-05 13:40 ` [PATCH 28/38] trace-cmd lib: remove unused tracecmd_parse_cmdlines() function Jerome Marchand
2024-06-05 13:40 ` [PATCH 29/38] trace-cmd record: prevent memory leak in setup_network() Jerome Marchand
2024-07-18 0:25 ` Steven Rostedt
2024-10-29 6:34 ` Jerome Marchand
2024-06-05 13:40 ` [PATCH 30/38] trace-cmd listen: prevent memory leak in communicate_with_client() Jerome Marchand
2024-06-05 13:40 ` [PATCH 31/38] trace-cmd listen: prevent a infinite loop " Jerome Marchand
2024-06-05 13:40 ` [PATCH 32/38] trace-cmd lib: prevent memory leak in tracecmd_create_event_hook() Jerome Marchand
2024-07-18 1:16 ` Steven Rostedt
2024-10-29 6:36 ` Jerome Marchand
2024-06-05 13:40 ` [PATCH 33/38] trace-cmd record: prevent memory corruption in parse_record_options() Jerome Marchand
2024-07-18 1:50 ` Steven Rostedt
2024-06-05 13:40 ` [PATCH 34/38] trace-cmd mem: prevent a memory leak in trace_mem() Jerome Marchand
2024-07-18 1:53 ` Steven Rostedt
2024-10-29 6:38 ` Jerome Marchand
2024-06-05 13:40 ` [PATCH 35/38] trace-cmd: move the initialization of found_pid at the beginning of stop_trace_connect() Jerome Marchand
2024-06-05 13:40 ` [PATCH 36/38] trace-cmd record: check the length of the protocol version received Jerome Marchand
2024-07-18 2:11 ` Steven Rostedt
2024-10-29 6:40 ` Jerome Marchand
2024-06-05 13:40 ` [PATCH 37/38] trace-cmd record: close socket fd before retrying to connect Jerome Marchand
2024-06-05 13:40 ` [PATCH 38/38] trace-cmd lib: prevent a memory leak in tracecmd_tsync_proto_getall() Jerome Marchand
2024-06-05 16:17 ` [PATCH 00/38] trace-cmd: fix misc issues found by static analysis Steven Rostedt
2024-10-29 8:01 ` [PATCH 0/8 v2] " Jerome Marchand
2024-10-29 8:01 ` [PATCH 1/8] trace-cmd lib: Prevent a memory leak in handle_options() Jerome Marchand
2024-10-29 8:01 ` [PATCH 2/8] trace-cmd record: Prevent a memory leak in show_error() Jerome Marchand
2024-10-29 8:01 ` [PATCH 3/8] trace-cmd lib: Check the return value of do_lseek() in trace_get_options() Jerome Marchand
2024-10-29 8:01 ` [PATCH 4/8] trace-cmd dump: Prevent buffer overrun in dump_clock() Jerome Marchand
2024-10-29 8:01 ` [PATCH 5/8] trace-cmd record: Prevent memory leak in setup_network() Jerome Marchand
2024-10-29 8:01 ` [PATCH 6/8] trace-cmd lib: Prevent memory leak in tracecmd_create_event_hook() Jerome Marchand
2024-10-29 8:01 ` [PATCH 7/8] trace-cmd mem: Prevent a memory leak in trace_mem() Jerome Marchand
2024-10-29 8:01 ` [PATCH 8/8] trace-cmd record: Check the length of the protocol version received Jerome Marchand
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=df309ae5-e97d-4d9e-8df7-b65a7e2fd67e@redhat.com \
--to=jmarchan@redhat.com \
--cc=linux-trace-devel@vger.kernel.org \
--cc=rostedt@goodmis.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).