On Fri, 31 Jan 2020 14:11:06 +0200 "Tzvetomir Stoyanov (VMware)" <tz.stoyanov@xxxxxxxxx> wrote:
> +static int trace_guest_load(struct tracecmd_input *handle, char *buf, int size)
> +{
> + struct guest_trace_info *guest = NULL;
> + int cpu;
> + int i;
> +
> + guest = calloc(1, sizeof(struct guest_trace_info));
> + if (!guest)
> + goto error;
> +
> + /*
> + * Guest name, null terminated string
> + * long long (8 bytes) trace-id
> + * int (4 bytes) number of guest CPUs
> + * array of size number of guest CPUs:
> + * int (4 bytes) Guest CPU id
> + * int (4 bytes) Host PID, running the guest CPU
> + */
> +
> + guest->name = strndup(buf, size);
> + if (!guest->name)
> + goto error;
> + buf += strlen(guest->name) + 1;
> + size -= strlen(guest->name) + 1;
> +
> + if (size < sizeof(long long))
> + goto error;
> + guest->trace_id = tep_read_number(handle->pevent, buf, sizeof(long long));
> + buf += sizeof(long long);
Don't we need: size -= sizeof(long long);
> +
> + if (size < sizeof(int))
> + goto error;
> + guest->vcpu_count = tep_read_number(handle->pevent, buf, sizeof(int));
> + buf += sizeof(int);
size -= sizeof(int);
> +
> + guest->cpu_pid = calloc(guest->vcpu_count, sizeof(int));
> + if (!guest->cpu_pid)
> + goto error;
> +
> + for (i = 0; i < guest->vcpu_count; i++) {
> + if (size < 2 * sizeof(int))
> + goto error;
> + cpu = tep_read_number(handle->pevent, buf, sizeof(int));
> + buf += sizeof(int);
> + if (cpu >= guest->vcpu_count)
> + goto error;
> + guest->cpu_pid[cpu] = tep_read_number(handle->pevent,
> + buf, sizeof(int));
> + buf += sizeof(int);
size -= 2 * sizeof(int); -- Steve
> + }
> +
> + guest->next = handle->guest;
> + handle->guest = guest;
> + return 0;
> +
> +error:
> + if (guest) {
> + free(guest->cpu_pid);
> + free(guest->name);
> + free(guest);
> + }
> + return -1;
> +}
> +
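Review bot: The guard `if (cpu >= guest->vcpu_count)` in the per-vCPU loop does not reject a negative CPU id, so a corrupted or crafted trace file can make `guest->cpu_pid[cpu] = ...` write before the start of the calloc'd array; it should read `if (cpu < 0 || cpu >= guest->vcpu_count) goto error;`. Separately, `strndup(buf, size)` does not require the name to be NUL-terminated within `size`: when it is not, `strlen(guest->name) + 1` is `size + 1`, `size -= ...` drives `size` to -1, and because `size` is an `int` compared against `sizeof(long long)` (a `size_t`) the -1 is promoted to SIZE_MAX, the `size < sizeof(long long)` check passes, and the following reads run past the caller's buffer. Adding `if (size <= 0 || !memchr(buf, 0, size)) goto error;` before the strndup keeps `size` non-negative for every later bound check in the function. A short comment on the `cpu` check, `/* cpu id comes from the file; bounds-check both directions before indexing */`, would make the intent clear to the next reader.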