aboutsummaryrefslogtreecommitdiff
path: root/tools
diff options
context:
space:
mode:
authorMasami Hiramatsu <mhiramat@redhat.com>2010-03-12 18:22:17 -0500
committerGreg Kroah-Hartman <gregkh@suse.de>2010-04-01 16:01:30 -0700
commit803557f8ebad33836b66b5d3f83dcbd902daa417 (patch)
treecad1d67ad36e0a78923db81080c06c47d1125855 /tools
parent118c29f02194a7874cbbff605b2ec544b97d5610 (diff)
perf probe: Fix probe_point buffer overrun
commit 594087a04eea544356f9c52e83c1a9bc380ce80f upstream. Fix probe_point array-size overrun problem. In some cases (e.g. inline function), one user-specified probe-point can be translated to many probe address, and it overruns pre-defined array-size. This also removes redundant MAX_PROBES macro definition. Signed-off-by: Masami Hiramatsu <mhiramat@redhat.com> Cc: systemtap <systemtap@sources.redhat.com> Cc: DLE <dle-develop@lists.sourceforge.net> LKML-Reference: <20100312232217.2017.45017.stgit@localhost6.localdomain6> [ Note that only root can create new probes. Eventually we should remove the MAX_PROBES limit, but that is a larger patch not eligible to perf/urgent treatment. ] Signed-off-by: Ingo Molnar <mingo@elte.hu> Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'tools')
-rw-r--r--tools/perf/builtin-probe.c1
-rw-r--r--tools/perf/util/probe-finder.c3
2 files changed, 3 insertions, 1 deletions
diff --git a/tools/perf/builtin-probe.c b/tools/perf/builtin-probe.c
index c1e6774fd3e..fa626eb9c87 100644
--- a/tools/perf/builtin-probe.c
+++ b/tools/perf/builtin-probe.c
@@ -48,7 +48,6 @@
#include "util/probe-event.h"
#define MAX_PATH_LEN 256
-#define MAX_PROBES 128
/* Session management structure */
static struct {
diff --git a/tools/perf/util/probe-finder.c b/tools/perf/util/probe-finder.c
index 4b852c0d16a..7f81deddbf2 100644
--- a/tools/perf/util/probe-finder.c
+++ b/tools/perf/util/probe-finder.c
@@ -544,6 +544,9 @@ static void show_probepoint(Dwarf_Die sp_die, Dwarf_Signed offs,
}
free_current_frame_base(pf);
+ if (pp->found == MAX_PROBES)
+ die("Too many( > %d) probe point found.\n", MAX_PROBES);
+
pp->probes[pp->found] = strdup(tmp);
pp->found++;
}