Re: [RFC PATCH v4 1/6] perf stat: Parse and find tpebs events when parsing metrics to prepare for perf record sampling

From: Andi Kleen
Date: Tue Mar 12 2024 - 19:58:38 EST


weilin.wang@xxxxxxxxx writes:
> +
> + new_event->tpebs_name = strdup(id);
> + *p = '\0';
> + name = malloc(strlen(id) + 2);
> + if (!name)
> + return -ENOMEM;
> +
> + at = strchr(id, '@');
> + if (at != NULL) {
> + *at = '/';
> + at = strchr(id, '@');
> + *at = '/';
> + strcpy(name, id);
> + strcat(name, "p");
> + } else {
> + strcpy(name, id);
> + strcat(name, ":p");
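
Review bot: the second `strchr(id, '@')` in the `if (at != NULL)` branch is dereferenced without a NULL check, so an id containing exactly one '@' makes `*at = '/'` write through a NULL pointer. Check the second lookup before storing through it, or reject ids that lack the closing '@'. Also in this hunk, the `strdup(id)` result assigned to `new_event->tpebs_name` is never checked, and the `return -ENOMEM` after the failed `malloc()` does not free `tpebs_name` in the lines shown. Sizing the buffer from the suffix actually appended, rather than a fixed `+ 2`, would keep the allocation and the `strcat()` calls in agreement.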


This seems like a buffer overflow because :p is 3 bytes including 0,
but you only allocate + 2.
You should really use safe string primitives, then you would have
noticed the truncation.

-Andi
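
The sizing point made in the reply above, as an added example that is not part of the original message or the perf code: the buffer length is derived from the suffix actually appended, and `snprintf()` reports truncation instead of writing past the end. The function names `fmt_name` and `build_sample_name` are hypothetical, and the sample id is constructed.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical helper: format "<id><suffix>" into buf of size len.
 * Returns 0 on success, -ENAMETOOLONG if the result would not fit. */
static int fmt_name(char *buf, size_t len, const char *id, const char *suffix)
{
	int n = snprintf(buf, len, "%s%s", id, suffix);
	if (n < 0)
		return -EINVAL;
	return (size_t)n >= len ? -ENAMETOOLONG : 0;
}

/* Hypothetical rewrite of the quoted logic: "ev@a@" -> "ev/a/p",
 * "ev" -> "ev:p". Works on a copy of id; caller frees *out. */
static int build_sample_name(const char *id, char **out)
{
	const char *suffix = strchr(id, '@') ? "p" : ":p";
	size_t len = strlen(id) + strlen(suffix) + 1; /* +1 for the NUL */
	char *name = malloc(len), *at;
	int ret, i;

	if (!name)
		return -ENOMEM;
	ret = fmt_name(name, len, id, suffix);
	if (ret) {
		free(name);
		return ret;
	}
	/* Replace at most two '@', checking each lookup for NULL. */
	for (i = 0; i < 2 && (at = strchr(name, '@')) != NULL; i++)
		*at = '/';
	*out = name;
	return 0;
}

int main(void)
{
	char *name;

	/* Constructed sample id, not taken from the patch. */
	if (build_sample_name("cpu@ev,ldlat=4@", &name) == 0) {
		puts(name);
		free(name);
	}
	return 0;
}
```

With a buffer of `strlen(id) + 2` bytes and the ":p" suffix, `fmt_name()` returns `-ENAMETOOLONG`, which is the truncation the reply says a bounded primitive would have surfaced.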