[PATCH v2] tracing: Consider the NULL character when validating the event length

Leo Yan posted 1 patch 1 month, 3 weeks ago
kernel/trace/trace_probe.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
[PATCH v2] tracing: Consider the NULL character when validating the event length
Posted by Leo Yan 1 month, 3 weeks ago
strlen() returns a string length excluding the null byte. If the string
length equals to the maximum buffer length, the buffer will have no
space for the NULL terminating character.

This commit checks this condition and returns failure for it.

Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
Signed-off-by: Leo Yan <leo.yan@arm.com>
---

Changes from v1:
Refined for condition checking (Steve).

 kernel/trace/trace_probe.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
index 39877c80d6cb..16a5e368e7b7 100644
--- a/kernel/trace/trace_probe.c
+++ b/kernel/trace/trace_probe.c
@@ -276,7 +276,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
 		}
 		trace_probe_log_err(offset, NO_EVENT_NAME);
 		return -EINVAL;
-	} else if (len > MAX_EVENT_NAME_LEN) {
+	} else if (len >= MAX_EVENT_NAME_LEN) {
 		trace_probe_log_err(offset, EVENT_TOO_LONG);
 		return -EINVAL;
 	}
-- 
2.34.1
Re: [PATCH v2] tracing: Consider the NULL character when validating the event length
Posted by Masami Hiramatsu (Google) 1 month, 2 weeks ago
On Mon,  7 Oct 2024 15:47:24 +0100
Leo Yan <leo.yan@arm.com> wrote:

> strlen() returns a string length excluding the null byte. If the string
> length equals to the maximum buffer length, the buffer will have no
> space for the NULL terminating character.
> 
> This commit checks this condition and returns failure for it.
> 

Ah, good catch! The traceprobe_parse_event_name() requires
MAX_EVENT_NAME_LEN buffer.

----
/* @buf must has MAX_EVENT_NAME_LEN size */
int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
----

But the macro name is a bit confusing. We may need below and use it around.

#define EVENT_NAME_BUFSIZE (MAX_EVENT_NAME_LEN + 1)

Anyway, I think this fix is correct.

Acked-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>

Thank you,

> Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
> Signed-off-by: Leo Yan <leo.yan@arm.com>
> ---
> 
> Changes from v1:
> Refined for condition checking (Steve).
> 
>  kernel/trace/trace_probe.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> index 39877c80d6cb..16a5e368e7b7 100644
> --- a/kernel/trace/trace_probe.c
> +++ b/kernel/trace/trace_probe.c
> @@ -276,7 +276,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
>  		}
>  		trace_probe_log_err(offset, NO_EVENT_NAME);
>  		return -EINVAL;
> -	} else if (len > MAX_EVENT_NAME_LEN) {
> +	} else if (len >= MAX_EVENT_NAME_LEN) {
>  		trace_probe_log_err(offset, EVENT_TOO_LONG);
>  		return -EINVAL;
>  	}
> -- 
> 2.34.1
> 


-- 
Masami Hiramatsu (Google) <mhiramat@kernel.org>
Re: [PATCH v2] tracing: Consider the NULL character when validating the event length
Posted by Steven Rostedt 1 month, 3 weeks ago
On Mon,  7 Oct 2024 15:47:24 +0100
Leo Yan <leo.yan@arm.com> wrote:

> strlen() returns a string length excluding the null byte. If the string
> length equals to the maximum buffer length, the buffer will have no
> space for the NULL terminating character.
> 
> This commit checks this condition and returns failure for it.
> 
> Fixes: dec65d79fd26 ("tracing/probe: Check event name length correctly")
> Signed-off-by: Leo Yan <leo.yan@arm.com>

Reviewed-by: Steven Rostedt (Google) <rostedt@goodmis.org>

Masami, want to take this?

-- Steve

> ---
> 
> Changes from v1:
> Refined for condition checking (Steve).
> 
>  kernel/trace/trace_probe.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> diff --git a/kernel/trace/trace_probe.c b/kernel/trace/trace_probe.c
> index 39877c80d6cb..16a5e368e7b7 100644
> --- a/kernel/trace/trace_probe.c
> +++ b/kernel/trace/trace_probe.c
> @@ -276,7 +276,7 @@ int traceprobe_parse_event_name(const char **pevent, const char **pgroup,
>  		}
>  		trace_probe_log_err(offset, NO_EVENT_NAME);
>  		return -EINVAL;
> -	} else if (len > MAX_EVENT_NAME_LEN) {
> +	} else if (len >= MAX_EVENT_NAME_LEN) {
>  		trace_probe_log_err(offset, EVENT_TOO_LONG);
>  		return -EINVAL;
>  	}