From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1755455AbbIAIpR (ORCPT ); Tue, 1 Sep 2015 04:45:17 -0400 Received: from mail-wi0-f171.google.com ([209.85.212.171]:34062 "EHLO mail-wi0-f171.google.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1755217AbbIAIoK (ORCPT ); Tue, 1 Sep 2015 04:44:10 -0400 Date: Tue, 1 Sep 2015 09:44:07 +0100 From: Matt Fleming To: Wang Nan Cc: acme@kernel.org, linux-kernel@vger.kernel.org, lizefan@huawei.com, pi3orama@huawei.com, Arnaldo Carvalho de Melo , Masami Hiramatsu , "David S. Miller" , Jiri Olsa Subject: Re: [PATCH] perf tools: Fix potential array out of bounce accessing Message-ID: <20150901084312.GA2823@codeblueprint.co.uk> References: <1441078184-105038-1-git-send-email-wangnan0@huawei.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <1441078184-105038-1-git-send-email-wangnan0@huawei.com> User-Agent: Mutt/1.5.21 (2010-09-15) Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Tue, 01 Sep, at 03:29:44AM, Wang Nan wrote: > There is a problem in dwarf-regs.c of sh, sparc and x86 that it is > possible to make an out-of-bound array accessing when searching > register names. This patch fixes it by replacing '<=' to '<', so when > register (number == XXX_MAX_REGS), get_arch_regstr() returns NULL. > > Signed-off-by: Wang Nan > Cc: Arnaldo Carvalho de Melo > Cc: Masami Hiramatsu > Cc: David S. Miller > Cc: Matt Fleming > Cc: Jiri Olsa > --- > tools/perf/arch/sh/util/dwarf-regs.c | 2 +- > tools/perf/arch/sparc/util/dwarf-regs.c | 2 +- > tools/perf/arch/x86/util/dwarf-regs.c | 2 +- > 3 files changed, 3 insertions(+), 3 deletions(-) Hmm, I wonder how that bug was introduced. I guess copy and paste is probably to blame. Good catch. Reviewed-by: Matt Fleming -- Matt Fleming, Intel Open Source Technology Center