perf tools: Fix out-of-bound access to struct perf_session
authorRobert Richter <robert.richter@amd.com>
Wed, 7 Dec 2011 09:02:52 +0000 (10:02 +0100)
committerArnaldo Carvalho de Melo <acme@redhat.com>
Fri, 23 Dec 2011 18:57:41 +0000 (16:57 -0200)
If filename is NULL there is an out-of-bound access to struct
perf_session if it would be used with perf_session__open(). Shouldn't
actually happen in current implementation as filename is always !NULL.
Fixing this by always null-terminating filename.

Cc: Frederic Weisbecker <fweisbec@gmail.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Link: http://lkml.kernel.org/r/1323248577-11268-3-git-send-email-robert.richter@amd.com
Signed-off-by: Robert Richter <robert.richter@amd.com>
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
tools/perf/util/session.c
tools/perf/util/session.h

index d9318d8a9ba1aabd00520c29119e36e5fb5e677f..ea17dfb85baa3f6ddad7791650329607150e47cf 100644 (file)
@@ -107,7 +107,7 @@ struct perf_session *perf_session__new(const char *filename, int mode,
                                       bool force, bool repipe,
                                       struct perf_tool *tool)
 {
-       size_t len = filename ? strlen(filename) + 1 : 0;
+       size_t len = filename ? strlen(filename) : 0;
        struct perf_session *self = zalloc(sizeof(*self) + len);
 
        if (self == NULL)
index fb696124ad61a32407127ddb874771ed7b95a1f0..37bc38381fb67940b4290d619603c5786d03eab0 100644 (file)
@@ -50,7 +50,7 @@ struct perf_session {
        int                     cwdlen;
        char                    *cwd;
        struct ordered_samples  ordered_samples;
-       char                    filename[0];
+       char                    filename[1];
 };
 
 struct perf_tool;