If the title is NULL then it can lead to a segv.
Fixes: 769e6a1e15bd ("perf ui browser: Don't save pointer to stack memory")
Signed-off-by: Ian Rogers <[email protected]>
---
tools/perf/ui/browser.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/tools/perf/ui/browser.c b/tools/perf/ui/browser.c
index c4cdf2ea69b7..19503e838738 100644
--- a/tools/perf/ui/browser.c
+++ b/tools/perf/ui/browser.c
@@ -203,7 +203,7 @@ void ui_browser__refresh_dimensions(struct ui_browser *browser)
void ui_browser__handle_resize(struct ui_browser *browser)
{
ui__refresh_dimensions(false);
- ui_browser__show(browser, browser->title, ui_helpline__current);
+ ui_browser__show(browser, browser->title ?: "", ui_helpline__current);
ui_browser__refresh(browser);
}
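Review bot: the NULL guard sits only at this one call in ui_browser__handle_resize(), so ui_browser__show() still receives whatever any other caller passes as the title. If a NULL title is what faults inside ui_browser__show(), checking for it there, or documenting that the title argument must be non-NULL, would cover every caller instead of only the resize path.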
--
2.45.0.rc1.225.g2a3ae87e7f-goog
On Tue, May 7, 2024 at 8:53 PM Ian Rogers <[email protected]> wrote:
>
> If the title is NULL then it can lead to a segv.
Just out of curiosity, do you know where it is set to NULL?
Thanks,
Namhyung
>
> Fixes: 769e6a1e15bd ("perf ui browser: Don't save pointer to stack memory")
> Signed-off-by: Ian Rogers <[email protected]>
> ---
> tools/perf/ui/browser.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/ui/browser.c b/tools/perf/ui/browser.c
> index c4cdf2ea69b7..19503e838738 100644
> --- a/tools/perf/ui/browser.c
> +++ b/tools/perf/ui/browser.c
> @@ -203,7 +203,7 @@ void ui_browser__refresh_dimensions(struct ui_browser *browser)
> void ui_browser__handle_resize(struct ui_browser *browser)
> {
> ui__refresh_dimensions(false);
> - ui_browser__show(browser, browser->title, ui_helpline__current);
> + ui_browser__show(browser, browser->title ?: "", ui_helpline__current);
> ui_browser__refresh(browser);
> }
>
> --
> 2.45.0.rc1.225.g2a3ae87e7f-goog
>
On Wed, May 8, 2024 at 10:26 PM Namhyung Kim <[email protected]> wrote:
>
> On Tue, May 7, 2024 at 8:53 PM Ian Rogers <[email protected]> wrote:
> >
> > If the title is NULL then it can lead to a segv.
>
> Just out of curiosity, do you know where it is set to NULL?
Yes, the fixes patch added strdup and zfree, the NULL is coming from the zfree.
Thanks,
Ian
> Thanks,
> Namhyung
>
> >
> > Fixes: 769e6a1e15bd ("perf ui browser: Don't save pointer to stack memory")
> > Signed-off-by: Ian Rogers <[email protected]>
> > ---
> > tools/perf/ui/browser.c | 2 +-
> > 1 file changed, 1 insertion(+), 1 deletion(-)
> >
> > diff --git a/tools/perf/ui/browser.c b/tools/perf/ui/browser.c
> > index c4cdf2ea69b7..19503e838738 100644
> > --- a/tools/perf/ui/browser.c
> > +++ b/tools/perf/ui/browser.c
> > @@ -203,7 +203,7 @@ void ui_browser__refresh_dimensions(struct ui_browser *browser)
> > void ui_browser__handle_resize(struct ui_browser *browser)
> > {
> > ui__refresh_dimensions(false);
> > - ui_browser__show(browser, browser->title, ui_helpline__current);
> > + ui_browser__show(browser, browser->title ?: "", ui_helpline__current);
> > ui_browser__refresh(browser);
> > }
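Review bot: the changelog for this hunk says only that a NULL title can lead to a segv and does not say how browser->title becomes NULL. The explanation given in this thread (the Fixes commit added strdup and zfree, and the NULL comes from the zfree) should go into the commit message so the reason for `browser->title ?: ""` is recorded with the change.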
> >
> > --
> > 2.45.0.rc1.225.g2a3ae87e7f-goog
> >