Received: by 2002:a05:7412:8d10:b0:f3:1519:9f41 with SMTP id bj16csp4644917rdb; Tue, 12 Dec 2023 05:44:28 -0800 (PST) X-Google-Smtp-Source: AGHT+IF3/rGaRFYvAUS1kFDfBTIzcDcxvvKi5uC6dwF4TzIvOy4gTgyS/vlNGfgn4yqjZBHj4gdx X-Received: by 2002:a05:6a21:a5a0:b0:18f:97c:ba14 with SMTP id gd32-20020a056a21a5a000b0018f097cba14mr3673188pzc.110.1702388667896; Tue, 12 Dec 2023 05:44:27 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1702388667; cv=none; d=google.com; s=arc-20160816; b=BmZHyWXcNhxquNjnOrulf/CwAs+Rw34bKCBLiN57kz1fLzGffuyfgG6BCppKd7M54a FbCDOo5Oxqjj7mwM8VUrpYfcU2yYDfiABUghLa3jlt8AnT54QnKWhwa6/m81s/ORAw/d xBRhhUIOi3PteKE+CGSbUoYrXQgnE5M7aXR90xaFq3FjBV5T2c73pz0Wtj28UxAyMPJ+ irWQX+OiL7qcJuupijBwDlWetPimiDAbt6TDWrJRsBrNJqFNATEIjSRAd7BvKeZ+xzyh mNXo4zkjv6mncl0Goex68tB70SGgz2p4lFdzZMAFmwCLpY130yvAJLxqf1kAAeJ1yX1j E8tg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version :message-id:subject:cc:to:from:date; bh=D1KP43gVZo5cNye+wUDFo+otsTY+1+7PEeJ4cRJXyJE=; fh=R8JZsVKDlS7lXIAvTNV55bsjlDBI0i4sqiOYXO4tZQA=; b=bs1JTtYKgDIdj+o78eNV0xftk8/DXpV1J/rpBdodqR+nK4xxH7qExy8w4UQK3WWIiM T2tQWbC/iaIOYjd+DdbD0kKaQN5cYFwaqYdjR0bloNmpTKXtGGmvtuvRzu0w5ZvrMwjx sNS7QKBTDzsRj+ei7u+6boGcCvpmx8nh4p+vhzPF8ZsqvpSFS33SUzjm919th1dJhTqV GZLRLZ9G6+wKRtnRqv+nCyw9s/cRVy+z51FHH9QmJUxLc+EjekVJm0WWPpqb4+jaEmsN cnVP+fbH51yxBtxIqEoIzCmVIrjbg1ZkpEiRm0hBEXQA4H9tcQpUdPtt2OiQbd+mGfik 1wCg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Return-Path: Received: from fry.vger.email (fry.vger.email. [2620:137:e000::3:8]) by mx.google.com with ESMTPS id mh1-20020a17090b4ac100b00285864ca8a0si9091803pjb.180.2023.12.12.05.44.27 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 12 Dec 2023 05:44:27 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) client-ip=2620:137:e000::3:8; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 2620:137:e000::3:8 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org Received: from out1.vger.email (depot.vger.email [IPv6:2620:137:e000::3:0]) by fry.vger.email (Postfix) with ESMTP id 5C077805CF3D; Tue, 12 Dec 2023 05:44:25 -0800 (PST) X-Virus-Status: Clean X-Virus-Scanned: clamav-milter 0.103.11 at fry.vger.email Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1346579AbjLLNn7 (ORCPT + 99 others); Tue, 12 Dec 2023 08:43:59 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:36360 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1346630AbjLLNn5 (ORCPT ); Tue, 12 Dec 2023 08:43:57 -0500 Received: from smtp.kernel.org (relay.kernel.org [52.25.139.140]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id DD6AAF3 for ; Tue, 12 Dec 2023 05:44:03 -0800 (PST) Received: by smtp.kernel.org (Postfix) with ESMTPSA id CD325C433C7; Tue, 12 Dec 2023 13:44:02 +0000 (UTC) Date: Tue, 12 Dec 2023 08:44:44 -0500 From: Steven Rostedt To: LKML , Linux Trace Kernel Cc: Masami Hiramatsu , Mark Rutland , Mathieu Desnoyers Subject: [PATCH] tracing: Add size check when printing trace_marker output Message-ID: <20231212084444.4619b8ce@gandalf.local.home> X-Mailer: Claws Mail 3.19.1 (GTK+ 2.24.33; x86_64-pc-linux-gnu) MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-0.8 required=5.0 tests=HEADER_FROM_DIFFERENT_DOMAINS, MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS,T_SCC_BODY_TEXT_LINE autolearn=unavailable autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on fry.vger.email Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org X-Greylist: Sender passed SPF test, not delayed by milter-greylist-4.6.4 (fry.vger.email [0.0.0.0]); Tue, 12 Dec 2023 05:44:25 -0800 (PST) From: "Steven Rostedt (Google)" If for some reason the trace_marker write does not have a nul byte for the string, it will overflow the print: trace_seq_printf(s, ": %s", field->buf); The field->buf could be missing the nul byte. To prevent overflow, add the max size that the buf can be by using the event size and the field location. int max = iter->ent_size - offsetof(struct print_entry, buf); trace_seq_printf(s, ": %*s", max, field->buf); Signed-off-by: Steven Rostedt (Google) --- kernel/trace/trace_output.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/kernel/trace/trace_output.c b/kernel/trace/trace_output.c index d8b302d01083..e11fb8996286 100644 --- a/kernel/trace/trace_output.c +++ b/kernel/trace/trace_output.c @@ -1587,11 +1587,12 @@ static enum print_line_t trace_print_print(struct trace_iterator *iter, { struct print_entry *field; struct trace_seq *s = &iter->seq; + int max = iter->ent_size - offsetof(struct print_entry, buf); trace_assign_type(field, iter->ent); seq_print_ip_sym(s, field->ip, flags); - trace_seq_printf(s, ": %s", field->buf); + trace_seq_printf(s, ": %*s", max, field->buf); return trace_handle_return(s); } @@ -1600,10 +1601,11 @@ static enum print_line_t trace_print_raw(struct trace_iterator *iter, int flags, struct trace_event *event) { struct print_entry *field; + int max = iter->ent_size - offsetof(struct print_entry, buf); trace_assign_type(field, iter->ent); - trace_seq_printf(&iter->seq, "# %lx %s", field->ip, field->buf); + trace_seq_printf(&iter->seq, "# %lx %*s", field->ip, max, field->buf); return trace_handle_return(&iter->seq); } -- 2.42.0