projects / linux.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 9f8e5ae)
user_events: Fix potential uninitialized pointer while parsing field
authorBeau Belgrave <beaub@linux.microsoft.com>
Thu, 24 Feb 2022 18:16:37 +0000 (10:16 -0800)
committerSteven Rostedt (Google) <rostedt@goodmis.org>
Thu, 10 Mar 2022 22:41:18 +0000 (17:41 -0500)
Ensure name is initialized by default to NULL to prevent possible edge
cases that could lead to it being left uninitialized. Add an explicit
check for NULL name to ensure edge boundaries.

Link: https://lore.kernel.org/bpf/20220224105334.GA2248@kili/
Link: https://lore.kernel.org/linux-trace-devel/20220224181637.2129-1-beaub@linux.microsoft.com
Signed-off-by: Beau Belgrave <beaub@linux.microsoft.com>
Reported-by: Dan Carpenter <dan.carpenter@oracle.com>
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
kernel/trace/trace_events_user.c patch | blob | history

diff --git a/kernel/trace/trace_events_user.c b/kernel/trace/trace_events_user.c
index 2b5e9fdb63a053d5c1f7e3d4279a93bf3450eae7..9a6191a6a7864fd953c08c60ca556ab39eb7f3ac 100644 (file)
--- a/kernel/trace/trace_events_user.c
+++ b/kernel/trace/trace_events_user.c
@@ -362,6 +362,8 @@ skip_next:
        *field++ = '\0';
        depth++;
 parse:
+       name = NULL;
+
        while ((part = strsep(&field, " ")) != NULL) {
                switch (depth++) {
                case FIELD_DEPTH_TYPE:
@@ -382,7 +384,7 @@ parse:
                }
        }
 
-       if (depth < FIELD_DEPTH_SIZE)
+       if (depth < FIELD_DEPTH_SIZE || !name)
                return -EINVAL;
 
        if (depth == FIELD_DEPTH_SIZE)
ep93xx device tree rework repo: git://git.maquefel.me/linux.git