Patch "perf tests: Avoid possible truncation with dirent->d_name + snprintf" has been added to the 4.4-stable tree

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

This is a note to let you know that I've just added the patch titled

    perf tests: Avoid possible truncation with dirent->d_name + snprintf

to the 4.4-stable tree which can be found at:
    http://www.kernel.org/git/?p=linux/kernel/git/stable/stable-queue.git;a=summary

The filename of the patch is:
     perf-tests-avoid-possible-truncation-with-dirent-d_name-snprintf.patch
and it can be found in the queue-4.4 subdirectory.

If you, or anyone else, feels it should not be added to the stable tree,
please let <stable@xxxxxxxxxxxxxxx> know about it.


>From 2e2bbc039fad9eabad6c4c1a473c8b2554cdd2d4 Mon Sep 17 00:00:00 2001
From: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
Date: Thu, 9 Feb 2017 14:48:46 -0300
Subject: perf tests: Avoid possible truncation with dirent->d_name + snprintf

From: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>

commit 2e2bbc039fad9eabad6c4c1a473c8b2554cdd2d4 upstream.

Addressing a few cases spotted by a new warning in gcc 7:

  tests/parse-events.c: In function 'test_pmu_events':
  tests/parse-events.c:1790:39: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size 90 [-Werror=format-truncation=]
     snprintf(name, MAX_NAME, "cpu/event=%s/u", ent->d_name);
                                       ^~
  In file included from /usr/include/stdio.h:939:0,
                   from /git/linux/tools/perf/util/map.h:9,
                   from /git/linux/tools/perf/util/symbol.h:7,
                   from /git/linux/tools/perf/util/evsel.h:10,
                   from tests/parse-events.c:3:
  /usr/include/bits/stdio2.h:64:10: note: '__builtin___snprintf_chk' output between 13 and 268 bytes into a destination of size 100
     return __builtin___snprintf_chk (__s, __n, __USE_FORTIFY_LEVEL - 1,
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
          __bos (__s), __fmt, __va_arg_pack ());
          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  tests/parse-events.c:1798:29: error: '%s' directive output may be truncated writing up to 255 bytes into a region of size 100 [-Werror=format-truncation=]
     snprintf(name, MAX_NAME, "%s:u,cpu/event=%s/u", ent->d_name, ent->d_name);

Cc: Adrian Hunter <adrian.hunter@xxxxxxxxx>
Cc: David Ahern <dsahern@xxxxxxxxx>
Cc: Jiri Olsa <jolsa@xxxxxxxxxx>
Cc: Namhyung Kim <namhyung@xxxxxxxxxx>
Cc: Wang Nan <wangnan0@xxxxxxxxxx>
Fixes: 945aea220bb8 ("perf tests: Move test objects into 'tests' directory")
Link: http://lkml.kernel.org/n/tip-ty4q2p8zp1dp3mskvubxskm5@xxxxxxxxxxxxxx
Signed-off-by: Arnaldo Carvalho de Melo <acme@xxxxxxxxxx>
Signed-off-by: Greg Kroah-Hartman <gregkh@xxxxxxxxxxxxxxxxxxx>

---
 tools/perf/tests/parse-events.c |    8 +++-----
 1 file changed, 3 insertions(+), 5 deletions(-)

--- a/tools/perf/tests/parse-events.c
+++ b/tools/perf/tests/parse-events.c
@@ -1727,15 +1727,14 @@ static int test_pmu_events(void)
 	}
 
 	while (!ret && (ent = readdir(dir))) {
-#define MAX_NAME 100
 		struct evlist_test e;
-		char name[MAX_NAME];
+		char name[2 * NAME_MAX + 1 + 12 + 3];
 
 		if (!strcmp(ent->d_name, ".") ||
 		    !strcmp(ent->d_name, ".."))
 			continue;
 
-		snprintf(name, MAX_NAME, "cpu/event=%s/u", ent->d_name);
+		snprintf(name, sizeof(name), "cpu/event=%s/u", ent->d_name);
 
 		e.name  = name;
 		e.check = test__checkevent_pmu_events;
@@ -1743,11 +1742,10 @@ static int test_pmu_events(void)
 		ret = test_event(&e);
 		if (ret)
 			break;
-		snprintf(name, MAX_NAME, "%s:u,cpu/event=%s/u", ent->d_name, ent->d_name);
+		snprintf(name, sizeof(name), "%s:u,cpu/event=%s/u", ent->d_name, ent->d_name);
 		e.name  = name;
 		e.check = test__checkevent_pmu_events_mix;
 		ret = test_event(&e);
-#undef MAX_NAME
 	}
 
 	closedir(dir);


Patches currently in stable-queue which might be from acme@xxxxxxxxxx are

queue-4.4/perf-tools-use-readdir-instead-of-deprecated-readdir_r.patch
queue-4.4/perf-thread_map-correctly-size-buffer-used-with-dirent-dt_name.patch
queue-4.4/perf-tests-remove-wrong-semicolon-in-while-loop-in-cqm-test.patch
queue-4.4/perf-annotate-browser-fix-behaviour-of-shift-tab-with-nothing-focussed.patch
queue-4.4/perf-tests-avoid-possible-truncation-with-dirent-d_name-snprintf.patch
queue-4.4/perf-top-use-__fallthrough.patch
queue-4.4/perf-scripting-perl-fix-compile-error-with-some-perl5-versions.patch
queue-4.4/perf-bench-numa-avoid-possible-truncation-when-using-snprintf.patch
queue-4.4/perf-tools-use-readdir-instead-of-deprecated-readdir_r-again.patch
queue-4.4/perf-thread_map-use-readdir-instead-of-deprecated-readdir_r.patch
queue-4.4/perf-tools-remove-duplicate-const-qualifier.patch
queue-4.4/tools-string-use-__fallthrough-in-perf_atoll.patch
queue-4.4/perf-intel-pt-use-__fallthrough.patch
queue-4.4/perf-script-use-readdir-instead-of-deprecated-readdir_r.patch
queue-4.4/tools-include-add-a-__fallthrough-statement.patch
queue-4.4/tools-strfilter-use-__fallthrough.patch
queue-4.4/perf-dwarf-guard-x86_64-definitions-under-ifdef-else-clause.patch
queue-4.4/perf-pmu-fix-misleadingly-indented-assignment-whitespace.patch
queue-4.4/perf-trace-do-not-process-perf_record_lost-twice.patch
[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]