diff options
author | Linus Torvalds <torvalds@linux-foundation.org> | 2022-03-26 14:54:41 -0700 |
---|---|---|
committer | Linus Torvalds <torvalds@linux-foundation.org> | 2022-03-26 14:54:41 -0700 |
commit | f022814633e1c600507b3a99691b4d624c2813f0 (patch) | |
tree | 8bb10067a8777133c9ad86c2ef38a4b1dada607f /kernel/trace | |
parent | 710f5d627a98e86f821aceb840b8f2f1fcc6cf75 (diff) | |
parent | eca344a7362e0f34f179298fd8366bcd556eede1 (diff) |
Merge tag 'trace-v5.18-1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
Pull trace event string verifier fix from Steven Rostedt:
"The run-time string verifier checks all trace event formats as
they are read from the tracing file to make sure that the %s pointers
are not reading something that no longer exists.
However, it failed to account for the valid case of '%*.s' where the
length given is zero, and the string is NULL. It incorrectly flagged
it as a null pointer dereference and gave a WARN_ON()"
* tag 'trace-v5.18-1' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
tracing: Have trace event string test handle zero length strings
Diffstat (limited to 'kernel/trace')
-rw-r--r-- | kernel/trace/trace.c | 9 |
1 files changed, 7 insertions, 2 deletions
diff --git a/kernel/trace/trace.c b/kernel/trace/trace.c index 08ea781540b5..f4de111fa18f 100644 --- a/kernel/trace/trace.c +++ b/kernel/trace/trace.c @@ -3673,12 +3673,17 @@ static char *trace_iter_expand_format(struct trace_iterator *iter) } /* Returns true if the string is safe to dereference from an event */ -static bool trace_safe_str(struct trace_iterator *iter, const char *str) +static bool trace_safe_str(struct trace_iterator *iter, const char *str, + bool star, int len) { unsigned long addr = (unsigned long)str; struct trace_event *trace_event; struct trace_event_call *event; + /* Ignore strings with no length */ + if (star && !len) + return true; + /* OK if part of the event data */ if ((addr >= (unsigned long)iter->ent) && (addr < (unsigned long)iter->ent + iter->ent_size)) @@ -3864,7 +3869,7 @@ void trace_check_vprintf(struct trace_iterator *iter, const char *fmt, * instead. See samples/trace_events/trace-events-sample.h * for reference. */ - if (WARN_ONCE(!trace_safe_str(iter, str), + if (WARN_ONCE(!trace_safe_str(iter, str, star, len), "fmt: '%s' current_buffer: '%s'", fmt, show_buffer(&iter->seq))) { int ret; |