Re: [PATCH] perf tools: Fix potential array out of bounce accessing

From: Matt Fleming
Date: Tue Sep 01 2015 - 04:45:23 EST


On Tue, 01 Sep, at 03:29:44AM, Wang Nan wrote:
> There is a problem in dwarf-regs.c of sh, sparc and x86 that it is
> possible to make an out-of-bound array accessing when searching
> register names. This patch fixes it by replacing '<=' to '<', so when
> register (number == XXX_MAX_REGS), get_arch_regstr() returns NULL.
>
> Signed-off-by: Wang Nan <wangnan0@xxxxxxxxxx>
> Cc: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
> Cc: Masami Hiramatsu <masami.hiramatsu.pt@xxxxxxxxxxx>
> Cc: David S. Miller <davem@xxxxxxxxxxxxx>
> Cc: Matt Fleming <matt@xxxxxxxxxxxxxxxxx>
> Cc: Jiri Olsa <jolsa@xxxxxxxxxx>
> ---
> tools/perf/arch/sh/util/dwarf-regs.c | 2 +-
> tools/perf/arch/sparc/util/dwarf-regs.c | 2 +-
> tools/perf/arch/x86/util/dwarf-regs.c | 2 +-
> 3 files changed, 3 insertions(+), 3 deletions(-)

Hmm, I wonder how that bug was introduced. I guess copy and paste is
probably to blame. Good catch.

Reviewed-by: Matt Fleming <matt.fleming@xxxxxxxxx>

--
Matt Fleming, Intel Open Source Technology Center
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/