Commit ae0c4d32 authored Feb 27, 2019 by Tony Jones Committed by Greg Kroah-Hartman Apr 05, 2019

tools lib traceevent: Fix buffer overflow in arg_eval

[ Upstream commit 7c5b019e3a638a5a290b0ec020f6ca83d2ec2aaa ]

Fix buffer overflow observed when running perf test.

The overflow is when trying to evaluate "1ULL << (64 - 1)" which is
resulting in -9223372036854775808 which overflows the 20 character
buffer.

If is possible this bug has been reported before but I still don't see
any fix checked in:

See: https://www.spinics.net/lists/linux-perf-users/msg07714.html



Reported-by: Michael Sartain <mikesart@fastmail.com>
Reported-by: Mathias Krause <minipli@googlemail.com>
Signed-off-by: Tony Jones <tonyj@suse.de>
Acked-by: Steven Rostedt (VMware) <rostedt@goodmis.org>
Cc: Frederic Weisbecker <fweisbec@gmail.com>
Fixes: f7d82350 ("tools/events: Add files to create libtraceevent.a")
Link: http://lkml.kernel.org/r/20190228015532.8941-1-tonyj@suse.de


Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>

parent 26241152

tools/lib/traceevent/event-parse.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -2428,7 +2428,7 @@ static int arg_num_eval(struct print_arg arg, long long val)
		static char arg_eval (struct print_arg arg)
		{
		long long val;
		static char buf[20];
		static char buf[24];

		switch (arg->type) {
		case PRINT_ATOM: