Note, please start the subject with a capital letter: trace-cmd dump: Prevent buffer overrun in dump_clock() On Wed, 5 Jun 2024 15:40:37 +0200 "Jerome Marchand" <jmarchan@xxxxxxxxxx> wrote: > The clock isn't big enough to hold the string with the null > terminating character. Worse, clock[size], which is out of range, is > set to 0. Allocate a big enough buffer. > > Fixes an OVERRUN error (CWE-119) > > Signed-off-by: Jerome Marchand <jmarchan@xxxxxxxxxx> > --- > tracecmd/trace-dump.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/tracecmd/trace-dump.c b/tracecmd/trace-dump.c > index 11c1baf1..c0a282c9 100644 > --- a/tracecmd/trace-dump.c > +++ b/tracecmd/trace-dump.c > @@ -961,7 +961,7 @@ static void dump_clock(int fd) > } > if (read_file_number(fd, &size, 8)) > die("cannot read clock size"); > - clock = calloc(1, size); > + clock = calloc(1, size+1); Also we follow the Linux kernel syntax. Please add spaces. clock = calloc(1, size + 1); Care to resend. I'll skip this patch as well. Thanks, -- Steve > if (!clock) > die("cannot allocate clock %lld bytes", size); >
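Review bot: On the calloc(1, size+1) line, size is used unchecked: it comes straight from read_file_number(fd, &size, 8), and the %lld in the die() message implies it is a signed value, so the + 1 only covers well-formed input. If the file supplies -1, the request becomes zero bytes, which calloc() may satisfy with a non-NULL pointer, and the terminating write to clock[size] described in the commit message would still land outside the buffer. A value at the top of the signed range would overflow the addition. Suggest rejecting size < 0, and any size larger than a clock string can plausibly be, with die() before the allocation. The "cannot allocate clock %lld bytes" message could then report the size + 1 actually requested.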