author | Tony Jones <tonyj@suse.de> | 2019-02-28 01:55:32 (GMT) |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-04-05 20:29:08 (GMT) |
commit | ae0c4d3260115db7ebd31c0fa1f75fbf1ad64c08 (patch) | |
tree | e48ce736a6dbb9bfe21df61fe516d7f25da00bf8 | |
parent | 26241152d9a578445288e525f7cda1653174f946 (diff) | |
download | common-ae0c4d3260115db7ebd31c0fa1f75fbf1ad64c08.zip common-ae0c4d3260115db7ebd31c0fa1f75fbf1ad64c08.tar.gz common-ae0c4d3260115db7ebd31c0fa1f75fbf1ad64c08.tar.bz2 |
tools lib traceevent: Fix buffer overflow in arg_eval
[ Upstream commit 7c5b019e3a638a5a290b0ec020f6ca83d2ec2aaa ]
Fix buffer overflow observed when running perf test.
The overflow is when trying to evaluate "1ULL << (64 - 1)" which is
resulting in -9223372036854775808 which overflows the 20 character
buffer.
If is possible this bug has been reported before but I still don't see
any fix checked in:
See: https://www.spinics.net/lists/linux-perf-users/msg07714.html
Reported-by: Michael Sartain <mikesart@fastmail.com>
Reported-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Tony Jones <tonyj@suse.de>
Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Fixes: f7d82350e597 ("tools/events: Add files to create libtraceevent.a")
Link: http://lkml.kernel.org/r/20190228015532.8941-1-tonyj@suse.de
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
-rw-r--r-- | tools/lib/traceevent/event-parse.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/tools/lib/traceevent/event-parse.c b/tools/lib/traceevent/event-parse.c index 6694753..700c74b 100644 --- a/tools/lib/traceevent/event-parse.c +++ b/tools/lib/traceevent/event-parse.c @@ -2428,7 +2428,7 @@ static int arg_num_eval(struct print_arg *arg, long long *val) static char *arg_eval (struct print_arg *arg) { long long val; - static char buf[20]; + static char buf[24]; switch (arg->type) { case PRINT_ATOM: |