The internal helper function, used for loading saved printk formats, kallsyms and command lines retuns 0 in case the given file exist, but is empty. In that case a buffer is not allocated and size 0 is returned. Logic for loading those mappings does not handle that case, which leads to memory corrupion freeing invalid memory.
Signed-off-by: Tzvetomir Stoyanov (VMware) <tz.stoyanov@xxxxxxxxx>
---
 src/tracefs-events.c | 6 +++---
 1 file changed, 3 insertions(+), 3 deletions(-)
diff --git a/src/tracefs-events.c b/src/tracefs-events.c
index 94573b3..3a6196b 100644
--- a/src/tracefs-events.c
+++ b/src/tracefs-events.c
@@ -603,7 +603,7 @@ static void load_kallsyms(struct tep_handle *tep)
 {
 char *buf;
- if (str_read_file("/proc/kallsyms", &buf, false) < 0)
+ if (str_read_file("/proc/kallsyms", &buf, false) <= 0)
 return;
 tep_parse_kallsyms(tep, buf);
@@ -623,7 +623,7 @@ static int load_saved_cmdlines(const char *tracing_dir,
 ret = str_read_file(path, &buf, false);
 free(path);
- if (ret < 0)
+ if (ret <= 0)
 return -1;
 ret = tep_parse_saved_cmdlines(tep, buf);
@@ -645,7 +645,7 @@ static void load_printk_formats(const char *tracing_dir,
 ret = str_read_file(path, &buf, false);
 free(path);
- if (ret < 0)
+ if (ret <= 0)
 return;
 tep_parse_printk_formats(tep, buf);
--
2.30.2
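Review bot: In load_kallsyms `buf` is still declared without an initializer (`char *buf;`), so safety depends on every caller remembering that str_read_file() can return 0 without setting the pointer. I would also change the declaration to `char *buf = NULL;`, so that a later free() is a no-op if another path ever leaves the buffer unallocated. The same applies to `buf` in load_saved_cmdlines and load_printk_formats, whose declarations lie outside their hunks. The free() calls are not in the visible lines either, so this is inferred from the commit description; load_kallsyms continues past the end of the hunk.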
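Review bot: With `if (ret <= 0) return -1;` in load_saved_cmdlines, an empty saved_cmdlines file is now reported with the same -1 as a failed read. The callers are not visible here, but if they treat -1 as an error, an empty yet readable file would surface as a failure. Consider keeping the two cases apart with `if (ret < 0) return -1;` followed by `if (ret == 0) return 0;`, or state the intent in a comment such as `/* empty file: buf was not allocated, nothing to parse */`. The function starts and ends outside the hunk.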