1. Patchew
  2. linux
  3. View series

[PATCH 0/1] perf util: fix out-of-bounds write in perf_exe()

Miguel Martín Gil posted 1 patch 1 week, 6 days ago 
tools/perf/util/util.c | 12 +++++++++++-
1 file changed, 11 insertions(+), 1 deletion(-)
[PATCH 0/1] perf util: fix out-of-bounds write in perf_exe()
Posted by Miguel Martín Gil 1 week, 6 days ago 
perf_exe() currently passes the full buffer length to readlink() and then
unconditionally appends a trailing NUL at buf[n].

When readlink() returns exactly len bytes, the NUL store lands one byte past
the end of the caller buffer.

This series fixes it by reading at most len - 1 bytes and keeping explicit NUL
termination only within bounds. It also hardens the fallback path for tiny
buffers so copying "perf" cannot overflow.

Miguel Martín Gil (1):
  perf util: fix perf_exe() buffer write past end

 tools/perf/util/util.c | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

-- 
2.43.0

Patchew 2.1-devel-ea86937

© 2016 - 2026 Red Hat, Inc.