On Thu, 11 Nov 2021 17:08:03 +0200
"Tzvetomir Stoyanov (VMware)" <tz.stoyanov@xxxxxxxxx> wrote:
> --- a/tracecmd/trace-record.c
> +++ b/tracecmd/trace-record.c
> @@ -4169,7 +4169,6 @@ static void touch_file(const char *file)
> }
>
> static void append_buffer(struct tracecmd_output *handle,
> - struct tracecmd_option *buffer_option,
> struct buffer_instance *instance,
> char **temp_files)
> {
> @@ -4197,7 +4196,7 @@ static void append_buffer(struct tracecmd_output *handle,
> touch_file(temp_files[i]);
> }
>
> - tracecmd_append_buffer_cpu_data(handle, buffer_option,
> + tracecmd_append_buffer_cpu_data(handle, NULL,
> cpu_count, temp_files);
>
> for (i = 0; i < instance->cpu_count; i++) {
Where we have:
int tracecmd_append_buffer_cpu_data(struct tracecmd_output *handle,
struct tracecmd_option *option,
int cpus, char * const *cpu_data_files)
{
tsize_t offset;
stsize_t ret;
offset = lseek64(handle->fd, 0, SEEK_CUR);
/* Go to the option data, where will write the offest */
ret = lseek64(handle->fd, option->offset, SEEK_SET);
Now we dereference a NULL pointer because option is NULL here.
I know that this gets fixed in later patches, but we should not have a
known null pointer dereference in git history.
-- Steve
|