Commit eac9eace authored by Frederic Weisbecker's avatar Frederic Weisbecker

perf tools: Check we are able to read the event size on mmap

Check we have enough mmaped space to read the current event
size from its headers, otherwise we may dereference some
hell there.
Signed-off-by: default avatarFrederic Weisbecker <fweisbec@gmail.com>
Cc: Ingo Molnar <mingo@elte.hu>
Cc: Peter Zijlstra <a.p.zijlstra@chello.nl>
Cc: Arnaldo Carvalho de Melo <acme@redhat.com>
Cc: Stephane Eranian <eranian@google.com>
parent c5fc4721
...@@ -1007,6 +1007,13 @@ int __perf_session__process_events(struct perf_session *session, ...@@ -1007,6 +1007,13 @@ int __perf_session__process_events(struct perf_session *session,
file_pos = file_offset + head; file_pos = file_offset + head;
more: more:
/*
* Ensure we have enough space remaining to read
* the size of the event in the headers.
*/
if (head + sizeof(event->header) > mmap_size)
goto remap;
event = (union perf_event *)(buf + head); event = (union perf_event *)(buf + head);
if (session->header.needs_swap) if (session->header.needs_swap)
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment