perf tools: Pre-check sample size before parsing

Check that the total size of the sample fields having a fixed size do not exceed the one of the whole event. This robustifies the sample parsing. Signed-off-by: Frederic Weisbecker <fweisbec@gmail.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Stephane Eranian <eranian@google.com>
author: Frederic Weisbecker <fweisbec@gmail.com> 2011-05-21 17:33:04 (GMT)
committer: Frederic Weisbecker <fweisbec@gmail.com> 2011-05-22 01:38:36 (GMT)
commit: a285412479b6d5af3e48273a92ec2f1987df8cd1 (patch)
tree: 29f68684cebb26b86c3dd0b0f0fc4e5d6553c989 /tools/perf/util/evsel.c
parent: 74429964d8e29c0107fa6e9cdf35b8f33f57405d (diff)
download: linux-a285412479b6d5af3e48273a92ec2f1987df8cd1.tar.xz
1 files changed, 5 insertions, 1 deletions
diff --git a/tools/perf/util/evsel.c b/tools/perf/util/evsel.c
index d6fd59b..bfce8bf6 100644
--- a/tools/perf/util/evsel.c
+++ b/tools/perf/util/evsel.c
@@ -304,7 +304,8 @@ static int perf_event__parse_id_sample(const union perf_event *event, u64 type,
 }
 
 int perf_event__parse_sample(const union perf_event *event, u64 type,
-			     bool sample_id_all, struct perf_sample *data)
+			     int sample_size, bool sample_id_all,
+			     struct perf_sample *data)
 {
 	const u64 *array;
 
@@ -319,6 +320,9 @@ int perf_event__parse_sample(const union perf_event *event, u64 type,
 
 	array = event->sample.array;
 
+	if (sample_size + sizeof(event->header) > event->header.size)
+		return -EFAULT;
+
 	if (type & PERF_SAMPLE_IP) {
 		data->ip = event->ip.ip;
 		array++;
author	Frederic Weisbecker <fweisbec@gmail.com>	2011-05-21 17:33:04 (GMT)
committer	Frederic Weisbecker <fweisbec@gmail.com>	2011-05-22 01:38:36 (GMT)
commit	a285412479b6d5af3e48273a92ec2f1987df8cd1 (patch)
tree	29f68684cebb26b86c3dd0b0f0fc4e5d6553c989 /tools/perf/util/evsel.c
parent	74429964d8e29c0107fa6e9cdf35b8f33f57405d (diff)
download	linux-a285412479b6d5af3e48273a92ec2f1987df8cd1.tar.xz