Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

perf tools: Fix out-of-bound access to struct perf_session

If filename is NULL there is an out-of-bound access to struct
perf_session if it would be used with perf_session__open(). Shouldn't
actually happen in current implementation as filename is always !NULL.
Fixing this by always null-terminating filename.

Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Link: http://lkml.kernel.org/r/1323248577-11268-3-git-send-email-robert.richter@amd.com
Signed-off-by: Robert Richter <robert.richter@amd.com>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>

Authored by Robert Richter and committed by Arnaldo Carvalho de Melo
002c4fd9 f7a8a133

+2 -2
+1 -1
tools/perf/util/session.c
··· 107 107 bool force, bool repipe, 108 108 struct perf_tool *tool) 109 109 { 110 - size_t len = filename ? strlen(filename) + 1 : 0; 110 + size_t len = filename ? strlen(filename) : 0; 111 111 struct perf_session *self = zalloc(sizeof(*self) + len); 112 112 113 113 if (self == NULL)
+1 -1
tools/perf/util/session.h
··· 50 50 int cwdlen; 51 51 char *cwd; 52 52 struct ordered_samples ordered_samples; 53 - char filename[0]; 53 + char filename[1]; 54 54 }; 55 55 56 56 struct perf_tool;
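Review bot: In tools/perf/util/session.c, `len` no longer counts the terminator, so `zalloc(sizeof(*self) + len)` is only large enough because `filename[1]` in session.h contributes the extra byte and zalloc zero-fills it. That coupling is invisible at this line. A short comment at the `len` declaration, stating that the terminating NUL is provided by the struct's one-element array, would keep a later change on either side from reintroducing the under-allocation. The copy into `self->filename` is outside the visible lines, so confirm that it copies exactly `len` bytes and does not assume `len` includes the NUL.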
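Review bot: In tools/perf/util/session.h, `char filename[1];` is still used as a variable-length trailing buffer but now declares a bound of one, and nothing in the struct documents that. Add a comment saying that the array extends past the end of the struct and that the single declared element reserves room for the NUL terminator. An alternative worth considering is to keep a flexible array and always allocate `len + 1` in session.c, which gives the same guarantee for a NULL filename without indexing past a declared bound, something compiler array-bounds checks can flag.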