Prevent buffer overflow in update_pid_filters()
Resolves: RHEL-56731 Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
This commit is contained in:
parent
6af7c17516
commit
bf8b84de0e
37
trace-cmd-Prevent-buffer-overflow-in-update_pid_filt.patch
Normal file
37
trace-cmd-Prevent-buffer-overflow-in-update_pid_filt.patch
Normal file
@ -0,0 +1,37 @@
|
||||
From c76f2404340e4fa3159536355a0e095631fb7920 Mon Sep 17 00:00:00 2001
|
||||
From: Jerome Marchand <jmarchan@redhat.com>
|
||||
Date: Tue, 29 Oct 2024 09:47:05 +0100
|
||||
Subject: [PATCH] trace-cmd: Prevent buffer overflow in update_pid_filters()
|
||||
|
||||
The buffer in which the updated filter is written in
|
||||
update_pid_filters() is missing one byte to store the null character.
|
||||
|
||||
It fixes the following error:
|
||||
$ trace-cmd start -e irq:* -e sched:* -P 1
|
||||
*** buffer overflow detected ***: terminated
|
||||
Aborted (core dumped)
|
||||
|
||||
Fixes: 5502bcef0f962 ("trace-cmd: Handle filtered PIDs per ftarce instance")
|
||||
Link: https://lore.kernel.org/20241029084705.629605-1-jmarchan@redhat.com
|
||||
Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
|
||||
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
|
||||
---
|
||||
tracecmd/trace-record.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/tracecmd/trace-record.c b/tracecmd/trace-record.c
|
||||
index 6e9b4535..c7c43e17 100644
|
||||
--- a/tracecmd/trace-record.c
|
||||
+++ b/tracecmd/trace-record.c
|
||||
@@ -2852,7 +2852,7 @@ static void update_pid_filters(struct buffer_instance *instance)
|
||||
if (fd < 0)
|
||||
die("Failed to access set_event_pid");
|
||||
|
||||
- len = instance->len_filter_pids + instance->nr_filter_pids;
|
||||
+ len = instance->len_filter_pids + instance->nr_filter_pids + 1;
|
||||
filter = malloc(len);
|
||||
if (!filter)
|
||||
die("Failed to allocate pid filter");
|
||||
--
|
||||
2.47.1
|
||||
|
@ -6,7 +6,7 @@
|
||||
|
||||
Name: trace-cmd
|
||||
Version: %{srcversion}
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: LGPL-2.1-only AND LGPL-2.1-or-later AND GPL-2.0-only AND GPL-2.0-or-later
|
||||
Summary: A user interface to Ftrace
|
||||
|
||||
@ -29,6 +29,7 @@ Patch4: trace-cmd-record-Prevent-memory-leak-in-setup_networ.patch
|
||||
Patch5: trace-cmd-lib-Prevent-memory-leak-in-tracecmd_create.patch
|
||||
Patch6: trace-cmd-mem-Prevent-a-memory-leak-in-trace_mem.patch
|
||||
Patch7: trace-cmd-record-Check-the-length-of-the-protocol-ve.patch
|
||||
Patch8: trace-cmd-Prevent-buffer-overflow-in-update_pid_filt.patch
|
||||
|
||||
BuildRequires: make
|
||||
BuildRequires: gcc
|
||||
@ -110,6 +111,9 @@ rm -rf %{buildroot}/%{_mandir}/man3/*
|
||||
%{_libdir}/%{name}/python/
|
||||
|
||||
%changelog
|
||||
* Wed Jan 15 2025 Jerome Marchand <jmarchan@redhat.com> - 3.3.1-2
|
||||
- Prevent buffer overflow in update_pid_filters() (RHEL-56731)
|
||||
|
||||
* Thu Nov 28 2024 Jerome Marchand <jmarchan@redhat.com> - 3.3.1-1
|
||||
- Rebase to 3.3.1 and backport further SAST patches (RHEL-40111)
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user