From: Arnaldo Carvalho de Melo
Date: Tue, 23 Jul 2019 12:17:02 -0300
To: Vince Weaver
Cc: linux-kernel@vger.kernel.org, Peter Zijlstra, Ingo Molnar, Alexander Shishkin, Jiri Olsa, Namhyung Kim
Subject: Re: [patch] perf tool divide by zero error if f_header.attr_size==0
Message-ID: <20190723151702.GA8129@kernel.org>

On Tue, Jul 23, 2019 at 11:06:01AM -0400, Vince Weaver wrote:
> Hello
>
> so I have been having lots of trouble with hand-crafted perf.data files
> causing segfaults and the like, so I have started fuzzing the perf tool.
>
> First issue found:
>
> If f_header.attr_size is 0 in the perf.data file, then perf will crash
> with a divide-by-zero error.

Thanks for the patch, will be in my next perf/urgent pull req.

- Arnaldo

> Signed-off-by: Vince Weaver
>
> diff --git a/tools/perf/util/header.c b/tools/perf/util/header.c > index c24db7f4909c..26df60ee9460 100644 > --- a/tools/perf/util/header.c > +++ b/tools/perf/util/header.c > @@ -3559,6 +3559,10 @@ int perf_session__read_header(struct perf_session *session) > data->file.path); > } > > + if (f_header.attr_size == 0) { > + return -EINVAL; > + } > + > nr_attrs = f_header.attrs.size / f_header.attr_size; > lseek(fd, f_header.attrs.offset, SEEK_SET);
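
Review bot: The new guard in perf_session__read_header() returns -EINVAL without telling the user why the file was rejected, so someone holding a corrupt perf.data gets no hint that attr_size is the bad field; printing an error that names f_header.attr_size before the return would make the failure diagnosable. The check also covers only the exact zero value: any other attr_size, including one that does not evenly divide f_header.attrs.size, still reaches `nr_attrs = f_header.attrs.size / f_header.attr_size;`, and f_header.attrs.offset is passed to lseek() on the next line with no check visible in this hunk, so it is worth deciding whether a lower bound on attr_size and a check of the lseek() result belong in the same fix. As a style point, the braces around the single `return -EINVAL;` statement can be dropped to match kernel coding style.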