From: GuoHan Zhao <zhaoguohan@kylinos.cn>

In the error handling path of __add_event(), if evsel__new_idx() fails
and returns NULL, the subsequent calls to zfree(&evsel->name) and
zfree(&evsel->metric_id) will cause null pointer dereference.

Add a null check before accessing evsel members in the error path.

Signed-off-by: GuoHan Zhao <zhaoguohan@kylinos.cn>
---
 tools/perf/util/parse-events.c | 10 +++++++---
 1 file changed, 7 insertions(+), 3 deletions(-)

diff --git a/tools/perf/util/parse-events.c b/tools/perf/util/parse-events.c
index 8282ddf68b98..251f1b31b62f 100644
--- a/tools/perf/util/parse-events.c
+++ b/tools/perf/util/parse-events.c
@@ -313,9 +313,13 @@ __add_event(struct list_head *list, int *idx,
 out_err:
 	perf_cpu_map__put(cpus);
 	perf_cpu_map__put(pmu_cpus);
-	zfree(&evsel->name);
-	zfree(&evsel->metric_id);
-	free(evsel);
+
+	if (evsel) {
+		zfree(&evsel->name);
+		zfree(&evsel->metric_id);
+		free(evsel);
+	}
+
 	return NULL;
 }
 
-- 
2.43.0

…
> Add a null check before accessing evsel members in the error path.

* Please extend the goto chain instead for better exception handling.
  You may reorder jump targets accordingly.

* How do you think about to add any tags (like “Fixes” and “Cc”) accordingly?

* Would a summary phrase like “Prevent null pointer dereference in __add_event()”
  be nicer?


Regards,
Markus