tools lib traceevent: Fix buffer overflow in arg_eval

[ Upstream commit 7c5b019e3a638a5a290b0ec020f6ca83d2ec2aaa ] Fix buffer overflow observed when running perf test. The overflow is when trying to evaluate "1ULL << (64 - 1)" which is resulting in -9223372036854775808 which overflows the 20 character buffer. If is possible this bug has been reported before but I still don't see any fix checked in: See: https://www.spinics.net/lists/linux-perf-users/msg07714.htmlReported-by: N Michael Sartain <mikesart@fastmail.com> Reported-by: N Mathias Krause <minipli@googlemail.com> Signed-off-by: N Tony Jones <tonyj@suse.de> Acked-by: N Steven Rostedt (VMware) <rostedt@goodmis.org> Cc: Frederic Weisbecker <fweisbec@gmail.com> Fixes: f7d82350 ("tools/events: Add files to create libtraceevent.a") Link: http://lkml.kernel.org/r/20190228015532.8941-1-tonyj@suse.deSigned-off-by: N Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: N Sasha Levin <sashal@kernel.org>

tools lib traceevent: Fix buffer overflow in arg_eval
[ Upstream commit 7c5b019e3a638a5a290b0ec020f6ca83d2ec2aaa ] Fix buffer overflow observed when running perf test. The overflow is when trying to evaluate "1ULL << (64 - 1)" which is resulting in -9223372036854775808 which overflows the 20 character buffer. If is possible this bug has been reported before but I still don't see any fix checked in: See: https://www.spinics.net/lists/linux-perf-users/msg07714.htmlReported-by: N Michael Sartain <mikesart@fastmail.com> Reported-by: N Mathias Krause <minipli@googlemail.com> Signed-off-by: N Tony Jones <tonyj@suse.de> Acked-by: N Steven Rostedt (VMware) <rostedt@goodmis.org> Cc: Frederic Weisbecker <fweisbec@gmail.com> Fixes: f7d82350 ("tools/events: Add files to create libtraceevent.a") Link: http://lkml.kernel.org/r/20190228015532.8941-1-tonyj@suse.deSigned-off-by: N Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: N Sasha Levin <sashal@kernel.org>
224c996e · Tony Jones · Greg Kroah-Hartman · 83c39533 · 224c996e
隐藏空白更改
内联并排

Showing with 1 addition and 1 deletion

tools/lib/traceevent/event-parse.c tools/lib/traceevent/event-parse.c +1 -1

未找到文件。
--- a/tools/lib/traceevent/event-parse.c
+++ b/tools/lib/traceevent/event-parse.c
@@ -2416,7 +2416,7 @@ static int arg_num_eval(struct print_arg *arg, long long *val)
 static char *arg_eval (struct print_arg *arg)
 {
 	long long val;
-	static char buf[20];
+	static char buf[24];

 	switch (arg->type) {
 	case PRINT_ATOM: