From: Mark Brown
Date: Fri, 13 Oct 2023 00:19:30 +0100
Subject: [PATCH] KVM: selftests: Initialise dynamically allocated configuration names
Message-Id: <20231013-kvm-get-reg-list-str-init-v1-1-034f370ff8ab@kernel.org>
To: Paolo Bonzini, Shuah Khan, Haibo Xu, Andrew Jones, Anup Patel
Cc: kvm@vger.kernel.org, linux-kselftest@vger.kernel.org, linux-kernel@vger.kernel.org, Mark Brown

When we dynamically generate a name for a
configuration in get-reg-list we use strcat() to append to a buffer allocated using malloc() but we never initialise that buffer. Since malloc() offers no guarantees regarding the contents of the memory it returns this can lead to us corrupting, and likely overflowing, the buffer: vregs: PASS vregs+pmu: PASS sve: PASS sve+pmu: PASS vregs+pauth_address+pauth_generic: PASS X�vr+gspauth_addre+spauth_generi+pmu: PASS Initialise the buffer to an empty string to avoid this. Fixes: 17da79e009c37 ("KVM: arm64: selftests: Split get-reg-list test code") Signed-off-by: Mark Brown --- tools/testing/selftests/kvm/get-reg-list.c | 1 + 1 file changed, 1 insertion(+) diff --git a/tools/testing/selftests/kvm/get-reg-list.c b/tools/testing/selftests/kvm/get-reg-list.c index be7bf5224434..dd62a6976c0d 100644 --- a/tools/testing/selftests/kvm/get-reg-list.c +++ b/tools/testing/selftests/kvm/get-reg-list.c @@ -67,6 +67,7 @@ static const char *config_name(struct vcpu_reg_list *c) c->name = malloc(len); + c->name[0] = '\0'; len = 0; for_each_sublist(c, s) { if (!strcmp(s->name, "base")) --- base-commit: 6465e260f48790807eef06b583b38ca9789b6072 change-id: 20231012-kvm-get-reg-list-str-init-76c8ed4e19d6 Best regards, -- Mark Brown
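Review bot: the added c->name[0] = '\0'; in config_name() writes through the pointer returned by malloc(len) on the line just above it, and no NULL check is visible between the two, so an allocation failure becomes a NULL dereference at this store rather than a clear test failure. Consider asserting that c->name is non-NULL before the store, or allocating with calloc(1, len) together with the same check, which would leave the whole buffer zeroed instead of only its first byte for the strcat() appends the commit message describes.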