Prevent buffer overflow in update_pid_filters()

Resolves: RHEL-56731
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
Jerome Marchand 2025-01-15 14:41:43 +01:00
parent 6af7c17516
commit bf8b84de0e
2 changed files with 42 additions and 1 deletions


@ -0,0 +1,37 @@
From c76f2404340e4fa3159536355a0e095631fb7920 Mon Sep 17 00:00:00 2001
From: Jerome Marchand <jmarchan@redhat.com>
Date: Tue, 29 Oct 2024 09:47:05 +0100
Subject: [PATCH] trace-cmd: Prevent buffer overflow in update_pid_filters()
The buffer in which the updated filter is written in
update_pid_filters() is missing one byte to store the null character.
It fixes the following error:
$ trace-cmd start -e irq:* -e sched:* -P 1
*** buffer overflow detected ***: terminated
Aborted (core dumped)
Fixes: 5502bcef0f962 ("trace-cmd: Handle filtered PIDs per ftarce instance")
Link: https://lore.kernel.org/20241029084705.629605-1-jmarchan@redhat.com
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
tracecmd/trace-record.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c
index 6e9b4535..c7c43e17 100644
--- a/tracecmd/trace-record.c
+++ b/tracecmd/trace-record.c
@@ -2852,7 +2852,7 @@ static void update_pid_filters(struct buffer_instance *instance)
if (fd < 0)
die("Failed to access set_event_pid");
- len = instance->len_filter_pids + instance->nr_filter_pids;
+ len = instance->len_filter_pids + instance->nr_filter_pids + 1;
filter = malloc(len);
if (!filter)
die("Failed to allocate pid filter");
--
2.47.1
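Review bot: In update_pid_filters(), the corrected `len = instance->len_filter_pids + instance->nr_filter_pids + 1;` still leaves the purpose of each term implicit, and that implicit accounting is where the terminator byte went missing. A short comment above the sum saying what `len_filter_pids`, `nr_filter_pids` and the trailing `1` each reserve space for would keep the arithmetic from drifting again. The code that fills `filter` is outside this hunk, so please confirm it bounds its writes by `len` rather than relying on the sum being exact. The reproducer from the commit message (`trace-cmd start -e irq:* -e sched:* -P 1`) is worth keeping as a regression check.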


@ -6,7 +6,7 @@
Name: trace-cmd Name: trace-cmd
Version: %{srcversion} Version: %{srcversion}
Release: 1%{?dist} Release: 2%{?dist}
License: LGPL-2.1-only AND LGPL-2.1-or-later AND GPL-2.0-only AND GPL-2.0-or-later License: LGPL-2.1-only AND LGPL-2.1-or-later AND GPL-2.0-only AND GPL-2.0-or-later
Summary: A user interface to Ftrace Summary: A user interface to Ftrace
@ -29,6 +29,7 @@ Patch4: trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch
Patch5: trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch Patch5: trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch
Patch6: trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch Patch6: trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch
Patch7: trace-cmd-record-Check-the-length-of-the-protocol-ve.patch Patch7: trace-cmd-record-Check-the-length-of-the-protocol-ve.patch
Patch8: trace-cmd-Prevent-buffer-overflow-in-update_pid_filt.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
@ -110,6 +111,9 @@ rm -rf %{buildroot}/%{_mandir}/man3/*
%{_libdir}/%{name}/python/ %{_libdir}/%{name}/python/
%changelog %changelog
* Wed Jan 15 2025 Jerome Marchand <jmarchan@redhat.com> - 3.3.1-2
- Prevent buffer overflow in update_pid_filters() (RHEL-56731)
* Thu Nov 28 2024 Jerome Marchand <jmarchan@redhat.com> - 3.3.1-1 * Thu Nov 28 2024 Jerome Marchand <jmarchan@redhat.com> - 3.3.1-1
- Rebase to 3.3.1 and backport further SAST patches (RHEL-40111) - Rebase to 3.3.1 and backport further SAST patches (RHEL-40111)