diff mbox series

[v2] tracing: Consider the NULL character when validating the event length

Message ID 20241007144724.920954-1-leo.yan@arm.com (mailing list archive)
State Accepted
Commit 0b6e2e22cb23105fcb171ab92f0f7516c69c8471
Headers show
Series [v2] tracing: Consider the NULL character when validating the event length | expand

Commit Message

Leo Yan Oct. 7, 2024, 2:47 p.m. UTC
strlen() returns a string length excluding the null byte. If the string
length equals to the maximum buffer length, the buffer will have no
space for the NULL terminating character.

This commit checks this condition and returns failure for it.

Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
Signed-off-by: Leo Yan <leo.yan@arm.com>
---

Changes from v1:
Refined for condition checking (Steve).

 kernel/trace/trace_probe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Comments

Steven Rostedt Oct. 7, 2024, 3:43 p.m. UTC | #1
On Mon,  7 Oct 2024 15:47:24 +0100
Leo Yan <leo.yan@arm.com> wrote:

> strlen() returns a string length excluding the null byte. If the string
> length equals to the maximum buffer length, the buffer will have no
> space for the NULL terminating character.
> 
> This commit checks this condition and returns failure for it.
> 
> Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
> Signed-off-by: Leo Yan <leo.yan@arm.com>

Reviewed-by: Steven Rostedt (Google) <rostedt@goodmis.org>

Masami, want to take this?

-- Steve

> ---
> 
> Changes from v1:
> Refined for condition checking (Steve).
> 
>  kernel/trace/trace_probe.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> index 39877c80d6cb..16a5e368e7b7 100644
> --- a/kernel/trace/trace_probe.c
> +++ b/kernel/trace/trace_probe.c
> @@ -276,7 +276,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
>  		}
>  		trace_probe_log_err(offset, NO_EVENT_NAME);
>  		return -EINVAL;
> -	} else if (len > MAX_EVENT_NAME_LEN) {
> +	} else if (len >= MAX_EVENT_NAME_LEN) {
>  		trace_probe_log_err(offset, EVENT_TOO_LONG);
>  		return -EINVAL;
>  	}
Masami Hiramatsu (Google) Oct. 10, 2024, 3:15 p.m. UTC | #2
On Mon,  7 Oct 2024 15:47:24 +0100
Leo Yan <leo.yan@arm.com> wrote:

> strlen() returns a string length excluding the null byte. If the string
> length equals to the maximum buffer length, the buffer will have no
> space for the NULL terminating character.
> 
> This commit checks this condition and returns failure for it.
> 

Ah, good catch! The traceprobe_parse_event_name() requires
MAX_EVENT_NAME_LEN buffer.

----
/* @buf must has MAX_EVENT_NAME_LEN size */
int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
----

But the macro name is a bit confusing. We may need below and use it around.

#define EVENT_NAME_BUFSIZE (MAX_EVENT_NAME_LEN + 1)

Anyway, I think this fix is correct.

Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>

Thank you,

> Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
> Signed-off-by: Leo Yan <leo.yan@arm.com>
> ---
> 
> Changes from v1:
> Refined for condition checking (Steve).
> 
>  kernel/trace/trace_probe.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> index 39877c80d6cb..16a5e368e7b7 100644
> --- a/kernel/trace/trace_probe.c
> +++ b/kernel/trace/trace_probe.c
> @@ -276,7 +276,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
>  		}
>  		trace_probe_log_err(offset, NO_EVENT_NAME);
>  		return -EINVAL;
> -	} else if (len > MAX_EVENT_NAME_LEN) {
> +	} else if (len >= MAX_EVENT_NAME_LEN) {
>  		trace_probe_log_err(offset, EVENT_TOO_LONG);
>  		return -EINVAL;
>  	}
> -- 
> 2.34.1
>
diff mbox series

Patch

diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
index 39877c80d6cb..16a5e368e7b7 100644
--- a/kernel/trace/trace_probe.c
+++ b/kernel/trace/trace_probe.c
@@ -276,7 +276,7 @@  int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
 		}
 		trace_probe_log_err(offset, NO_EVENT_NAME);
 		return -EINVAL;
-	} else if (len > MAX_EVENT_NAME_LEN) {
+	} else if (len >= MAX_EVENT_NAME_LEN) {
 		trace_probe_log_err(offset, EVENT_TOO_LONG);
 		return -EINVAL;
 	}