diff mbox series

[1/3] libtracefs: Fix use after free in tracefs_synth_alloc()

Message ID 20220819020349.747429-2-rostedt@goodmis.org (mailing list archive)
State Accepted
Commit 0aaa86a54a287f68a4ccafa4af772a7ed9073fde
Headers show
Series libtracefs: Some fixes for sqlhis | expand

Commit Message

Steven Rostedt Aug. 19, 2022, 2:03 a.m. UTC 
From: "Steven Rostedt (Google)" <rostedt@goodmis.org>

The synth new_format is set after the error condition is checked and the
synth is freed (on error), causing a SIGSEV when that occurs.

Fixes: 74a6754b9e67b ("libtracefs: Check README to know if we should do old onmatch format")
Signed-off-by: Steven Rostedt (Google) <rostedt@goodmis.org>
---
 src/tracefs-hist.c | 5 ++---
 1 file changed, 2 insertions(+), 3 deletions(-)
diff mbox series

Patch

diff --git a/src/tracefs-hist.c b/src/tracefs-hist.c
index 2f12cc471294..6f7d657bd404 100644
--- a/src/tracefs-hist.c
+++ b/src/tracefs-hist.c
@@ -1091,9 +1091,8 @@  struct tracefs_synth *tracefs_synth_alloc(struct tep_handle *tep,
 	if (!synth->name || !synth->start_keys || !synth->end_keys || ret) {
 		tracefs_synth_free(synth);
 		synth = NULL;
-	}
-
-	synth->new_format = has_new_format();
+	} else
+		synth->new_format = has_new_format();
 
 	return synth;
 }