libtraceevent: Handle case of unknown operator

Message ID	20241119151809.4da5f874@gandalf.local.home (mailing list archive)
State	Accepted
Commit	45a9b0647c904b7bf1240da5a11fe3a1ffd1006d
Headers	show Received: from smtp.kernel.org (aws-us-west-2-korg-mail-1.web.codeaurora.org [10.30.226.201]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id C13E41D0B8A for <linux-trace-devel@vger.kernel.org>; Tue, 19 Nov 2024 20:17:36 +0000 (UTC) Date: Tue, 19 Nov 2024 15:18:09 -0500 From: Steven Rostedt <rostedt@goodmis.org> To: Linux Trace Devel <linux-trace-devel@vger.kernel.org> Cc: Jean-Michel Hautbois <jeanmichel.hautbois@yoseli.org> Subject: [PATCH] libtraceevent: Handle case of unknown operator Message-ID: <20241119151809.4da5f874@gandalf.local.home> Precedence: bulk MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit
Series	libtraceevent: Handle case of unknown operator \| expand libtraceevent: Handle case of unknown operator

Message ID

20241119151809.4da5f874@gandalf.local.home (mailing list archive)

State

Accepted

Commit

45a9b0647c904b7bf1240da5a11fe3a1ffd1006d

Headers

Date: Tue, 19 Nov 2024 15:18:09 -0500
From: Steven Rostedt <rostedt@goodmis.org>
To: Linux Trace Devel <linux-trace-devel@vger.kernel.org>
Cc: Jean-Michel Hautbois <jeanmichel.hautbois@yoseli.org>
Subject: [PATCH] libtraceevent: Handle case of unknown operator
Message-ID: <20241119151809.4da5f874@gandalf.local.home>
Precedence: bulk
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit

Series

libtraceevent: Handle case of unknown operator | expand

Commit Message

Steven Rostedt Nov. 19, 2024, 8:18 p.m. UTC

From: "Steven Rostedt (Google)" <rostedt@goodmis.org>

The m68k architecture had a trace event with "m68k_memory[0].addr >> 13"
in it. The parsing after the ']' and before the '.' checked the priority
of the '.' but because it does not handle '.' as an operator it returned a
negative number. But process_op() did not check for an error and continued
processing. This caused a segfault.

Return immediately if the operator is not handled by get_op_prio().

Link: https://lore.kernel.org/all/20241119112850.219834f5@gandalf.local.home/

Reported-by: Jean-Michel Hautbois <jeanmichel.hautbois@yoseli.org>
Fixes: 6582b0aea1cc ("tools/events: Add files to create libtraceevent.a")
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
 src/event-parse.c | 4 ++++
 1 file changed, 4 insertions(+)

Comments

Jean-Michel Hautbois Nov. 19, 2024, 10:01 p.m. UTC | #1

Hello Steve,

On 19/11/2024 21:18, Steven Rostedt wrote:
> From: "Steven Rostedt (Google)" <rostedt@goodmis.org>
> 
> The m68k architecture had a trace event with "m68k_memory[0].addr >> 13"
> in it. The parsing after the ']' and before the '.' checked the priority
> of the '.' but because it does not handle '.' as an operator it returned a
> negative number. But process_op() did not check for an error and continued
> processing. This caused a segfault.
> 
> Return immediately if the operator is not handled by get_op_prio().
> 
> Link: https://lore.kernel.org/all/20241119112850.219834f5@gandalf.local.home/
> 
> Reported-by: Jean-Michel Hautbois <jeanmichel.hautbois@yoseli.org>
> Fixes: 6582b0aea1cc ("tools/events: Add files to create libtraceevent.a")
> Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>

Thank you for your patch !
Tested-by: Jean-Michel Hautbois <jeanmichel.hautbois@yoseli.org>

> ---
>   src/event-parse.c | 4 ++++
>   1 file changed, 4 insertions(+)
> 
> diff --git a/src/event-parse.c b/src/event-parse.c
> index 0427061603db..a6da8f04cbf3 100644
> --- a/src/event-parse.c
> +++ b/src/event-parse.c
> @@ -2498,6 +2498,10 @@ process_op(struct tep_event *event, struct tep_print_arg *arg, char **tok)
>   
>   		/* higher prios need to be closer to the root */
>   		prio = get_op_prio(*tok);
> +		if (prio < 0) {
> +			token = *tok;
> +			goto out_free;
> +		}
>   
>   		if (prio > arg->op.prio)
>   			return process_op(event, arg, tok);

diff --git a/src/event-parse.c b/src/event-parse.c
index 0427061603db..a6da8f04cbf3 100644
--- a/src/event-parse.c
+++ b/src/event-parse.c
@@ -2498,6 +2498,10 @@  process_op(struct tep_event *event, struct tep_print_arg *arg, char **tok)
 
 		/* higher prios need to be closer to the root */
 		prio = get_op_prio(*tok);
+		if (prio < 0) {
+			token = *tok;
+			goto out_free;
+		}
 
 		if (prio > arg->op.prio)
 			return process_op(event, arg, tok);

libtraceevent: Handle case of unknown operator

Commit Message

Comments

Patch