summaryrefslogtreecommitdiff
path: root/kernel
diff options
context:
space:
mode:
authorMathieu Desnoyers <mathieu.desnoyers@efficios.com>2011-03-16 19:05:52 -0400
committerMathieu Desnoyers <mathieu.desnoyers@polymtl.ca>2011-03-16 19:05:52 -0400
commite363c063f40ab7af592cc3f13dccc81416bb50eb (patch)
treebec44d5c3580d82432aa22b1dfa9cfd10fecf6ab /kernel
parent38305b6286a58e968c30851d6b11219e93e857d3 (diff)
markers-fix-out-of-bound-array
markers fix out of bound array While creating my own probes, I've observed that I get format mismatch error... While digging into the executed code I observe that my format (stored in a marker_entry) was overwritten by a new allocated structure. Finally I found that in add_marker function the format pointer seems to be set to the wrong position: e->format = &e->name[channel_len + name_len]; while the proper assignment should be e->format = &e->name[name_len]; indead: size_t channel_len = strlen(channel) + 1; size_t name_len = strlen(name) + 1; ... size_t format_len ...= strlen(format) + 1; and struct marker_entry { .... char channel[0]; /* Contains channel'\0'name'\0'format'\0' * / }; ... e = kmalloc(sizeof(struct marker_entry) + channel_len + name_len + format_len, GFP_KERNEL); .... e->name = &e->channel[channel_len]; Rgds, Damien COTTIER. Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Diffstat (limited to 'kernel')
-rw-r--r--kernel/marker.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/kernel/marker.c b/kernel/marker.c
index a8d9ee7c6fe..619d868377e 100644
--- a/kernel/marker.c
+++ b/kernel/marker.c
@@ -436,7 +436,7 @@ static struct marker_entry *add_marker(const char *channel, const char *name,
e->name = &e->channel[channel_len];
memcpy(e->name, name, name_len);
if (format) {
- e->format = &e->name[channel_len + name_len];
+ e->format = &e->name[name_len];
memcpy(e->format, format, format_len);
if (strcmp(e->format, MARK_NOARGS) == 0)
e->call = marker_probe_cb_noarg;
generated by cgit v1.2.3 (git 2.39.1) at 2024-11-13 16:50:18 +0000