tracing: Consider the NULL character when validating the event length

Commit Message

Leo Yan Oct. 7, 2024, 1:51 p.m. UTC

strlen() returns a string length excluding the null byte. This commit
adds 1 to account for the NULL terminating character when checking if an
event string is within the maximum length.

Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
Signed-off-by: Leo Yan <leo.yan@arm.com>
---
 kernel/trace/trace_probe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Steven Rostedt Oct. 7, 2024, 2:22 p.m. UTC | #1

On Mon,  7 Oct 2024 14:51:26 +0100
Leo Yan <leo.yan@arm.com> wrote:

> strlen() returns a string length excluding the null byte. This commit
> adds 1 to account for the NULL terminating character when checking if an
> event string is within the maximum length.
> 
> Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
> Signed-off-by: Leo Yan <leo.yan@arm.com>
> ---
>  kernel/trace/trace_probe.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> index 39877c80d6cb..376ba56c3680 100644
> --- a/kernel/trace/trace_probe.c
> +++ b/kernel/trace/trace_probe.c
> @@ -276,7 +276,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
>  		}
>  		trace_probe_log_err(offset, NO_EVENT_NAME);
>  		return -EINVAL;
> -	} else if (len > MAX_EVENT_NAME_LEN) {
> +	} else if (len + 1 > MAX_EVENT_NAME_LEN) {

Usually, the check is:

	} else if (len >= MAX_EVENT_NAME_LEN) {

Which is a better way to check max length.

-- Steve


>  		trace_probe_log_err(offset, EVENT_TOO_LONG);
>  		return -EINVAL;
>  	}

Leo Yan Oct. 7, 2024, 2:33 p.m. UTC | #2

On 10/7/24 15:22, Steven Rostedt wrote:
> Warning: EXTERNAL SENDER, use caution when opening links or attachments.
> 
> 
> On Mon,  7 Oct 2024 14:51:26 +0100
> Leo Yan <leo.yan@arm.com> wrote:
> 
>> strlen() returns a string length excluding the null byte. This commit
>> adds 1 to account for the NULL terminating character when checking if an
>> event string is within the maximum length.
>>
>> Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
>> Signed-off-by: Leo Yan <leo.yan@arm.com>
>> ---
>>   kernel/trace/trace_probe.c | 2 +-
>>   1 file changed, 1 insertion(+), 1 deletion(-)
>>
>> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
>> index 39877c80d6cb..376ba56c3680 100644
>> --- a/kernel/trace/trace_probe.c
>> +++ b/kernel/trace/trace_probe.c
>> @@ -276,7 +276,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
>>                }
>>                trace_probe_log_err(offset, NO_EVENT_NAME);
>>                return -EINVAL;
>> -     } else if (len > MAX_EVENT_NAME_LEN) {
>> +     } else if (len + 1 > MAX_EVENT_NAME_LEN) {
> 
> Usually, the check is:
> 
>          } else if (len >= MAX_EVENT_NAME_LEN) {
> 
> Which is a better way to check max length.

Will update. Thanks for suggestion.

Leo

Patch

diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
index 39877c80d6cb..376ba56c3680 100644
--- a/kernel/trace/trace_probe.c
+++ b/kernel/trace/trace_probe.c
@@ -276,7 +276,7 @@  int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
 		}
 		trace_probe_log_err(offset, NO_EVENT_NAME);
 		return -EINVAL;
-	} else if (len > MAX_EVENT_NAME_LEN) {
+	} else if (len + 1 > MAX_EVENT_NAME_LEN) {
 		trace_probe_log_err(offset, EVENT_TOO_LONG);
 		return -EINVAL;
 	}