From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx>
Fix tracecmd_read_data() to not read a cpu if it is greater than the
number of CPUs recorded.
As tracecmd_cpus() returns the number of CPUs found in the system which
can be greater than the number of CPUs stored in the buffer, it is likely
that a caller will pass in a CPU number that is greater than the stored
array of cpu_data.
In this case return NULL otherwise it will access beyond the cpu_data
array.
Fixes: 8724996990021 ("trace-cmd library: Read extended BUFFER option")
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
---
lib/trace-cmd/trace-input.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/lib/trace-cmd/trace-input.c b/lib/trace-cmd/trace-input.c
index b8705ce364d1..425c6077d88e 100644
--- a/lib/trace-cmd/trace-input.c
+++ b/lib/trace-cmd/trace-input.c
@@ -2462,6 +2462,9 @@ tracecmd_read_data(struct tracecmd_input *handle, int cpu)
{
struct tep_record *record;
+ if (cpu >= handle->cpus)
+ return NULL;
+
record = tracecmd_peek_data(handle, cpu);
handle->cpu_data[cpu].next = NULL;
if (record) {
--
2.35.1
|