Received: by 2002:a05:6a10:206:0:0:0:0 with SMTP id 6csp3353244pxj; Mon, 7 Jun 2021 08:35:45 -0700 (PDT) X-Google-Smtp-Source: ABdhPJwkftIX2Sey+AMK+zUDkzZ1jI1GW9eOoqOjsGpIgrVxzYUcLyVNWGnww3EpYpHdPsP2WzZB X-Received: by 2002:a17:906:5299:: with SMTP id c25mr18555511ejm.85.1623080145147; Mon, 07 Jun 2021 08:35:45 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1623080145; cv=none; d=google.com; s=arc-20160816; b=oJx5T/tGMS8aPPMHaaxpUp7evHaDpMAYyZtNFIseBy4P0SRcSmM8qdFiB2OkgW/KRB S24EO3yD1t8LH2vFoxGhb7YVy83Pn1pOU28Z3yaXLNLurBY5Z/w5Se5B7I45Uu2STqSm D6La74sD/Vm5MVrJCoOOyu+oygK5MT0LR9BfTraS1lYWIV327HMRNSzk29onenL/BfVo EL83XILFrn0DyJULTZQJMj+2W+luQi3yUfDCgqIYlGYJjZDt0nlyiWQFqNWYqKOX82Zk ds6yMjWYLswgsYtuXOM+G22MfNLy6gNUkeuJoK8B+RAa8CLZXFyr1eQ8MznLz4zZ6n3Z zk1A== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :references:in-reply-to:message-id:subject:cc:to:from:date; bh=wph85JI81TFCbbMO4VDkCV5H4JpcAZEaoUP+Qd4fJMw=; b=rcVTp/DNCC8H6CfAWs/kq58M4bCxNtg7nMWYdplJipO68kh4jmDahEU6VohbevJdcw 4fzPy0vjt5w29/0buM9I0MHXcw/oiMHJTBmmD6B0bS0H2fC0zzrrWiUX7JSr+GsdjnLP kRBdfdIj3P25OaeQ7im87xeUxJG07XArnSfkhuhWTYOU3O9cGlEHmkTsFTuPfgsxOYkP M5e1+7Hg4QeH3JeoMxF3znxPFt8Oy4mh/7hkMEjCgObl5qP0urPb92a201S/BjwfsIQ8 bivibBH9OAmXvmffN20iZhv1u3DigORhym3hWWmEhKnK2A2/Y1+LuWx3vvZDoaAmZJcu h7xg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id j15si12421865edq.337.2021.06.07.08.35.22; Mon, 07 Jun 2021 08:35:45 -0700 (PDT) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231163AbhFGPgK (ORCPT + 99 others); Mon, 7 Jun 2021 11:36:10 -0400 Received: from mail.kernel.org ([198.145.29.99]:43052 "EHLO mail.kernel.org" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S230239AbhFGPgJ (ORCPT ); Mon, 7 Jun 2021 11:36:09 -0400 Received: from oasis.local.home (cpe-66-24-58-225.stny.res.rr.com [66.24.58.225]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.kernel.org (Postfix) with ESMTPSA id AAC3661164; Mon, 7 Jun 2021 15:34:17 +0000 (UTC) Date: Mon, 7 Jun 2021 11:34:16 -0400 From: Steven Rostedt To: Liangyan Cc: linux-kernel@vger.kernel.org, Ingo Molnar , Xunlei Pang , yinbinbin@alibabacloud.com, wetp , jnwang@linux.alibaba.com, stable@vger.kernel.org, Greg Kroah-Hartman Subject: Re: [PATCH] tracing: Correct the length check which causes memory corruption Message-ID: <20210607113416.603c72d3@oasis.local.home> In-Reply-To: <20210607125734.1770447-1-liangyan.peng@linux.alibaba.com> References: <20210607125734.1770447-1-liangyan.peng@linux.alibaba.com> X-Mailer: Claws Mail 3.17.3 (GTK+ 2.24.33; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Mon, 7 Jun 2021 20:57:34 +0800 Liangyan wrote: > commit b220c049d519 ("tracing: Check length before giving out > the filter buffer") adds length check to protect trace data > overflow introduced in 0fc1b09ff1ff, seems that this fix can't prevent > overflow entirely, the length check should also take the sizeof > entry->array[0] into account, since this array[0] is filled the > length of trace data and occupy addtional space and risk overflow. Bah, you're right! I didn't take into account that when the event is this big, array[] will have content. I queued the patch and will start testing it. Thanks! -- Steve