From: "Steven Rostedt (Google)" <rostedt@xxxxxxxxxxx>
The raw prints that uses the parsed fields directly, had a bug in it where
the check to catch if reading the event went beyond the event size it
would warn. But instead of testing against the event size, it was testing
against the field size. The test was suppose to test:
field->offset + field->size > data_size
Which would catch an overflow, but instead it was testing:
field->offset + field->size > field->size
Which will always be true! (well, if the field was not at the beginning of
the data, which is always is due to meta data).
Have it check the data size and not the field size.
Bugzilla: https://bugzilla.kernel.org/show_bug.cgi?id=216896
Reported-by: Douglas RAILLARD <douglas.raillard@xxxxxxx>
Fixes: 09f02890358a2 ("libtraceevent: Improve tep_print_field()")
Signed-off-by: Steven Rostedt (Google) <rostedt@xxxxxxxxxxx>
---
src/event-parse.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/event-parse.c b/src/event-parse.c
index 8167777fccd7..18db7fcb456d 100644
--- a/src/event-parse.c
+++ b/src/event-parse.c
@@ -6032,7 +6032,7 @@ static inline void print_field(struct trace_seq *s, void *data, int size,
if (has_0x)
trace_seq_puts(s, "0x");
- print_parse_data(parse, s, data, field->size, event);
+ print_parse_data(parse, s, data, size, event);
if (parse_ptr)
*parse_ptr = parse->next;
--
2.35.1
|