From 360e071b1822d40357e371357f24f6ec43f0a080 Mon Sep 17 00:00:00 2001 From: Taeung Song Date: Wed, 1 Feb 2017 21:34:07 +0900 Subject: [PATCH] perf tools: Use zfree() to avoid keeping dangling pointers The cases changed in this patch are for when we free but keep the pointer to the freed area, which is not always a good idea. Be more defensive and zero the pointer to avoid possible use after free bugs to take more time to be detected. Signed-off-by: Taeung Song Cc: Jiri Olsa Cc: Namhyung Kim Cc: Peter Zijlstra Cc: Wang Nan Link: http://lkml.kernel.org/r/1485952447-7013-5-git-send-email-treeze.taeung@gmail.com [ rewrote commit log ] Signed-off-by: Arnaldo Carvalho de Melo --- tools/perf/util/parse-events.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/tools/perf/util/parse-events.c b/tools/perf/util/parse-events.c index ab1ba22d879a..07be0762e53e 100644 --- a/tools/perf/util/parse-events.c +++ b/tools/perf/util/parse-events.c @@ -1479,7 +1479,7 @@ static void perf_pmu__parse_cleanup(void) for (i = 0; i < perf_pmu_events_list_num; i++) { p = perf_pmu_events_list + i; - free(p->symbol); + zfree(&p->symbol); } zfree(&perf_pmu_events_list); perf_pmu_events_list_num = 0; @@ -1570,7 +1570,7 @@ perf_pmu__parse_check(const char *name) r = bsearch(&p, perf_pmu_events_list, (size_t) perf_pmu_events_list_num, sizeof(struct perf_pmu_event_symbol), comp_pmu); - free(p.symbol); + zfree(&p.symbol); return r ? r->type : PMU_EVENT_SYMBOL_ERR; } @@ -1717,8 +1717,8 @@ static void parse_events_print_error(struct parse_events_error *err, fprintf(stderr, "%*s\\___ %s\n", idx + 1, "", err->str); if (err->help) fprintf(stderr, "\n%s\n", err->help); - free(err->str); - free(err->help); + zfree(&err->str); + zfree(&err->help); } fprintf(stderr, "Run 'perf list' for a list of valid events\n"); @@ -2413,7 +2413,7 @@ void parse_events_terms__purge(struct list_head *terms) list_for_each_entry_safe(term, h, terms, list) { if (term->array.nr_ranges) - free(term->array.ranges); + zfree(&term->array.ranges); list_del_init(&term->list); free(term); } @@ -2429,7 +2429,7 @@ void parse_events_terms__delete(struct list_head *terms) void parse_events__clear_array(struct parse_events_array *a) { - free(a->ranges); + zfree(&a->ranges); } void parse_events_evlist_error(struct parse_events_evlist *data, -- 2.20.1