From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from mail-wm1-f43.google.com (mail-wm1-f43.google.com [209.85.128.43]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 526C8383C9D for ; Tue, 14 Apr 2026 21:15:36 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.43 ARC-Seal:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776201337; cv=none; b=ftmPEB+RttVfbeq3o6ATAvX3iekXwM1gf05vAxSFa6Ek7oKYGcBOwWBz4l6aOKhNorqXUB7zHvdRRr/g5uRsVTC7C7HmUOuPUlb2sx1vyjye8XJl/rsAmQdR4mOPIIu7BqT7ot1yVlOKQoPt0fPQpSb3yFhYDnZ+yHdh0UNPEGE= ARC-Message-Signature:i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1776201337; c=relaxed/simple; bh=U9LYC2ekeVA1ilUjog60/xFnxRaYy7JDW/8QBZKQLBY=; h=Date:From:To:Cc:Subject:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=VCV9Bu+Gp8GG2jGhW3Z6byLnZUr4KPbi7tnqYiUI9EvA3EBV3MkgIC2/qlewC/VPl06FIxoco2h7IPm5V194rF81kGr6A4dhkhT5b4Eh9hyNAXIoIPmWEHJ6twrdzpD1oa5Ql3YcIQn9ngfe3pNJZ5yeO7RVRhR1rwOmIJX5JsM= ARC-Authentication-Results:i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=E02wMJy8; arc=none smtp.client-ip=209.85.128.43 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="E02wMJy8" Received: by mail-wm1-f43.google.com with SMTP id 5b1f17b1804b1-488b0e1b870so94820035e9.2 for ; Tue, 14 Apr 2026 14:15:36 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1776201335; x=1776806135; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:from:to:cc:subject:date :message-id:reply-to; bh=08SQJ/vGtL3UyQHWMHb9Cd/PD5t9iklvt968lKhjhaY=; b=E02wMJy881lqQlL9mwcZb52TH7AeAnO9+9hM1kRCUdgZAW6bYqiCsbBvHmklwK3DEA eiiWnic11Va9Yuq7y7QPgqNLgXXYJerxjlzIIWmaSLroDeTZdgh0or4muz9JYnjbvn9Q xfmOqPAfK+ZH7W+6Tzvz+JYUF/LorgDiOJtWScNiqXWFUAsQJ27i8wLuKcu3h5ZDNslc Wmvwi+CPb8TYc8bcpb3/xJaIZM8zNBB4gU6oHdlbnX2Oaceuc3zRslIvJKhG2YlnawzQ nZv/hLt9owou1Eq3QAg/WH2csl5usoI13WkmomUmlexyCl8sBdaT61s/71yYa+db5L1o fzmg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1776201335; x=1776806135; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:subject:cc:to:from:date:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=08SQJ/vGtL3UyQHWMHb9Cd/PD5t9iklvt968lKhjhaY=; b=GAwr1WQ+npA7oJJ9fFPUNy0XW87oI/iD9jVqVGRNz9qnREK7Tn6fnweDt1NU8R0c6P J1428cLoU3jR4/pZWmb1ysnslsqSLxXA6VmCoiozwHNiFvDO4REd4opGwLsnXw4IwLFa JYdPfYjyX3B4E2VjAuplMEcsdReN1onHrPX6TxkqvZedLQ+h3PfVjwJj5+UaizPYiVct XLPWmgbVbBJ85T6SNakGRGCD35K9PHFZeW/bkluO6klHOY8Qzzj0oUcuQWxvoer7DBmk +WklXccKop6U2FaCBBiKt7RrGL9aQpUe/xsMRxPoaDTNaOkPrSSrLZQyze14Uoka8c9P dJ7Q== X-Forwarded-Encrypted: i=1; AFNElJ9wZ8K4+3cAxyrV5zVQztfJg8T1k/MiCQBRICeQFq+u3HBU4CIYNvxFsyDJVKxXKWY5sVTQkm3mSfp5oeE=@vger.kernel.org X-Gm-Message-State: AOJu0Ywqkph4rjsu91gyuL0jpWKIQ0DRLhCf7xRBIFJ8Zvbu1JWWaTGI yWmijBm09rEpIkaNCmn0pt19F3wjeYhYiF1JUCQWCKK62BY+ZlDfcYgZ X-Gm-Gg: AeBDieuor74VlK/QqfR2r+0+p8fzi+yNhfkzjD1aUD+HTx/HwZSEvnzDxRtWoyGSNgv 3ANbBZttpLBDNLC19gfnHHorJzrHtG0a396oEVb4VyVTedEIdMwbyXKMVJP4sYbiABKIAByvw+T o+G8gj81aGyfrjOYHNZvv6Vb8D/IZR5wTTQd8I9KR4kZ93aP+3tQ4eQcceo5AHLEYWiupCdhLJZ v+EbxYOikkxgdrAGyCAp+sj+2HffIyNPX2K7iaGWxdlR55XhyGunD6elj51ZXo2/tx4lo6y1k/D O3Pln+oN+ODirBpHfNUX23SviEkB0TNBJA7urOaC211LpwtL992oRvlkY/UCm6nkgR0XnnirBhh kaXh44fPlik2t6bAOB1THDfXICLRdp+w4WbBdy9Xkc/UTJtkQVFw0bjIO3yFIG2ZdJwXCHTuVag H0dq3Nv+5ILEQLWecChfJYrBfOx4ni6rF83n3VZQ4IiA8t7UVel3S7Pn9DKvy4Vsn7 X-Received: by 2002:a05:600c:8594:b0:485:46fd:7887 with SMTP id 5b1f17b1804b1-488d67f9a73mr185836585e9.13.1776201334404; Tue, 14 Apr 2026 14:15:34 -0700 (PDT) Received: from pumpkin (82-69-66-36.dsl.in-addr.zen.co.uk. [82.69.66.36]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-488f0943698sm4244985e9.4.2026.04.14.14.15.33 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 14 Apr 2026 14:15:34 -0700 (PDT) Date: Tue, 14 Apr 2026 22:15:32 +0100 From: David Laight To: Ian Rogers Cc: Arnaldo Carvalho de Melo , Peter Zijlstra , Ingo Molnar , Namhyung Kim , Alexander Shishkin , Jiri Olsa , Adrian Hunter , James Clark , Swapnil Sapkal , Anubhav Shelat , linux-perf-users@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH v1] perf header: Ensure read strings are '\0' terminated Message-ID: <20260414221532.17623227@pumpkin> In-Reply-To: <20260414205725.2211169-1-irogers@google.com> References: <20260414205725.2211169-1-irogers@google.com> X-Mailer: Claws Mail 4.1.1 (GTK 3.24.38; arm-unknown-linux-gnueabihf) Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit On Tue, 14 Apr 2026 13:57:25 -0700 Ian Rogers wrote: > Sashiko reviews were complaining do_read_string didn't necessarily > ensure strings were correctly terminated. Add checking for this and if > a string isn't correctly terminated return NULL. > > Signed-off-by: Ian Rogers > --- > tools/perf/util/header.c | 8 +++++++- > 1 file changed, 7 insertions(+), 1 deletion(-) > > diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c > index f30e48eb3fc3..fa4f6d773874 100644 > --- a/tools/perf/util/header.c > +++ b/tools/perf/util/header.c > @@ -269,6 +269,9 @@ static char *do_read_string(struct feat_fd *ff) > if (do_read_u32(ff, &len)) > return NULL; > > + if (len == 0) > + return NULL; > + > buf = malloc(len); > if (!buf) > return NULL; > @@ -279,7 +282,10 @@ static char *do_read_string(struct feat_fd *ff) > * thus the actual strlen of buf > * may be less than len > */ > - return buf; > + for (int i = (int)len - 1; i >= 0; i--) { > + if (buf[i] == '\0') > + return buf; > + } Would be a lot simpler to malloc(len + 1) and set buf[len] = 0. david > } > > free(buf);