[PATCH 5.4 15/53] perf data: Fix double free in perf_session__delete()

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
To: linux-kernel@vger.kernel.org
Cc: Greg Kroah-Hartman <gregkh@linuxfoundation.org>,
	stable@vger.kernel.org,
	Alexey Bayduraev <alexey.v.bayduraev@linux.intel.com>,
	Jiri Olsa <jolsa@kernel.org>,
	Adrian Hunter <adrian.hunter@intel.com>,
	Alexander Antonov <alexander.antonov@linux.intel.com>,
	Alexander Shishkin <alexander.shishkin@linux.intel.com>,
	Alexei Budankov <abudankov@huawei.com>,
	Andi Kleen <ak@linux.intel.com>, Ingo Molnar <mingo@redhat.com>,
	Namhyung Kim <namhyung@kernel.org>,
	Peter Zijlstra <peterz@infradead.org>,
	Arnaldo Carvalho de Melo <acme@redhat.com>
Subject: [PATCH 5.4 15/53] perf data: Fix double free in perf_session__delete()
Date: Mon, 28 Feb 2022 18:24:13 +0100	[thread overview]
Message-ID: <20220228172249.441146466@linuxfoundation.org> (raw)
In-Reply-To: <20220228172248.232273337@linuxfoundation.org>

From: Alexey Bayduraev <alexey.v.bayduraev@linux.intel.com>

commit 69560e366fc4d5fca7bebb0e44edbfafc8bcaf05 upstream.

When perf_data__create_dir() fails, it calls close_dir(), but
perf_session__delete() also calls close_dir() and since dir.version and
dir.nr were initialized by perf_data__create_dir(), a double free occurs.

This patch moves the initialization of dir.version and dir.nr after
successful initialization of dir.files, that prevents double freeing.
This behavior is already implemented in perf_data__open_dir().

Fixes: 145520631130bd64 ("perf data: Add perf_data__(create_dir|close_dir) functions")
Signed-off-by: Alexey Bayduraev <alexey.v.bayduraev@linux.intel.com>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Cc: Adrian Hunter <adrian.hunter@intel.com>
Cc: Alexander Antonov <alexander.antonov@linux.intel.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Alexei Budankov <abudankov@huawei.com>
Cc: Andi Kleen <ak@linux.intel.com>
Cc: Ingo Molnar <mingo@redhat.com>
Cc: Namhyung Kim <namhyung@kernel.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Link: https://lore.kernel.org/r/20220218152341.5197-2-alexey.v.bayduraev@linux.intel.com
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
---
 tools/perf/util/data.c |    7 +++----
 1 file changed, 3 insertions(+), 4 deletions(-)

--- a/tools/perf/util/data.c
+++ b/tools/perf/util/data.c
@@ -44,10 +44,6 @@ int perf_data__create_dir(struct perf_da
 	if (!files)
 		return -ENOMEM;
 
-	data->dir.version = PERF_DIR_VERSION;
-	data->dir.files   = files;
-	data->dir.nr      = nr;
-
 	for (i = 0; i < nr; i++) {
 		struct perf_data_file *file = &files[i];
 
@@ -62,6 +58,9 @@ int perf_data__create_dir(struct perf_da
 		file->fd = ret;
 	}
 
+	data->dir.version = PERF_DIR_VERSION;
+	data->dir.files   = files;
+	data->dir.nr      = nr;
 	return 0;
 
 out_err:

next prev parent reply	other threads:[~2022-02-28 17:35 UTC|newest]

Thread overview: 60+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2022-02-28 17:23 [PATCH 5.4 00/53] 5.4.182-rc1 review Greg Kroah-Hartman
2022-02-28 17:23 ` [PATCH 5.4 01/53] cgroup/cpuset: Fix a race between cpuset_attach() and cpu hotplug Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 02/53] clk: jz4725b: fix mmc0 clock gating Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 03/53] vhost/vsock: dont check owner in vhost_vsock_stop() while releasing Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 04/53] parisc/unaligned: Fix fldd and fstd unaligned handlers on 32-bit kernel Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 05/53] parisc/unaligned: Fix ldw() and stw() unalignment handlers Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 06/53] drm/amdgpu: disable MMHUB PG for Picasso Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 07/53] sr9700: sanity check for packet length Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 08/53] USB: zaurus: support another broken Zaurus Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 09/53] netfilter: nf_tables_offload: incorrect flow offload action array size Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 10/53] x86/fpu: Correct pkru/xstate inconsistency Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 11/53] tee: export teedev_open() and teedev_close_context() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 12/53] optee: use driver internal tee_context for some rpc Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 13/53] lan743x: fix deadlock in lan743x_phy_link_status_change() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 14/53] ping: remove pr_err from ping_lookup Greg Kroah-Hartman
2022-02-28 17:24 ` Greg Kroah-Hartman [this message]
2022-02-28 17:24 ` [PATCH 5.4 16/53] bpf: Do not try bpf_msg_push_data with len 0 Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 17/53] net: __pskb_pull_tail() & pskb_carve_frag_list() drop_monitor friends Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 18/53] tipc: Fix end of loop tests for list_for_each_entry() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 19/53] gso: do not skip outer ip header in case of ipip and net_failover Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 20/53] openvswitch: Fix setting ipv6 fields causing hw csum failure Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 21/53] drm/edid: Always set RGB444 Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 22/53] net/mlx5e: Fix wrong return value on ioctl EEPROM query failure Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 23/53] net: ll_temac: check the return value of devm_kmalloc() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 24/53] net: Force inlining of checksum functions in net/checksum.h Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 25/53] nfp: flower: Fix a potential leak in nfp_tunnel_add_shared_mac() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 26/53] netfilter: nf_tables: fix memory leak during stateful obj update Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 27/53] net/mlx5: Fix possible deadlock on rule deletion Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 28/53] net/mlx5: Fix wrong limitation of metadata match on ecpf Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 29/53] spi: spi-zynq-qspi: Fix a NULL pointer dereference in zynq_qspi_exec_mem_op() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 30/53] configfs: fix a race in configfs_{,un}register_subsystem() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 31/53] RDMA/ib_srp: Fix a deadlock Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 32/53] tracing: Have traceon and traceoff trigger honor the instance Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 33/53] iio: adc: men_z188_adc: Fix a resource leak in an error handling path Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 34/53] iio: adc: ad7124: fix mask used for setting AIN_BUFP & AIN_BUFM bits Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 35/53] iio: Fix error handling for PM Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 36/53] ata: pata_hpt37x: disable primary channel on HPT371 Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 37/53] Revert "USB: serial: ch341: add new Product ID for CH341A" Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 38/53] usb: gadget: rndis: add spinlock for rndis response list Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 39/53] USB: gadget: validate endpoint index for xilinx udc Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 40/53] tracefs: Set the group ownership in apply_options() not parse_options() Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 41/53] USB: serial: option: add support for DW5829e Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 42/53] USB: serial: option: add Telit LE910R1 compositions Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 43/53] usb: dwc3: pci: Fix Bay Trail phy GPIO mappings Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 44/53] usb: dwc3: gadget: Let the interrupt handler disable bottom halves Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 45/53] xhci: re-initialize the HC during resume if HCE was set Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 46/53] xhci: Prevent futile URB re-submissions due to incorrect return value Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 47/53] tty: n_gsm: fix encoding of control signal octet bit DV Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 48/53] tty: n_gsm: fix proper link termination after failed open Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 49/53] tty: n_gsm: fix NULL pointer access due to DLCI release Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 50/53] gpio: tegra186: Fix chip_data type confusion Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 51/53] Revert "drm/nouveau/pmu/gm200-: avoid touching PMU outside of DEVINIT/PREOS/ACR" Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 52/53] memblock: use kfree() to release kmalloced memblock regions Greg Kroah-Hartman
2022-02-28 17:24 ` [PATCH 5.4 53/53] fget: clarify and improve __fget_files() implementation Greg Kroah-Hartman
2022-02-28 21:42 ` [PATCH 5.4 00/53] 5.4.182-rc1 review Shuah Khan
2022-02-28 23:12 ` Florian Fainelli
2022-03-01 11:34 ` Sudip Mukherjee
2022-03-01 16:45 ` Naresh Kamboju
2022-03-01 19:13 ` Guenter Roeck
2022-03-02  7:04 ` Slade Watkins

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20220228172249.441146466@linuxfoundation.org \
    --to=gregkh@linuxfoundation.org \
    --cc=abudankov@huawei.com \
    --cc=acme@redhat.com \
    --cc=adrian.hunter@intel.com \
    --cc=ak@linux.intel.com \
    --cc=alexander.antonov@linux.intel.com \
    --cc=alexander.shishkin@linux.intel.com \
    --cc=alexey.v.bayduraev@linux.intel.com \
    --cc=jolsa@kernel.org \
    --cc=linux-kernel@vger.kernel.org \
    --cc=mingo@redhat.com \
    --cc=namhyung@kernel.org \
    --cc=peterz@infradead.org \
    --cc=stable@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox