From nobody Mon Jun 8 21:47:07 2026 Received: from mail-wm1-f53.google.com (mail-wm1-f53.google.com [209.85.128.53]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id 74C5D3DD87B for ; Tue, 26 May 2026 11:09:03 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=209.85.128.53 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779793745; cv=none; b=jkkndi/jxjbzsEMTiYQsEru9ihA5UugYd8gwZNZpog/5dsXSz1AH7X9D6Kwr5whkT5d8NxgWlQVsv06f+fMFA9Yv1c9SgfpQvYAixty13g3AVA2kUtj/mjBFoVET2O8x0lfiDz+XFYeJmMp2AX+IDsVlizWIVKvoYfg7LuJEyMs= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1779793745; c=relaxed/simple; bh=P/pKdRei8jx/tOTQrB/qlG1u0fUwu1fbJ6Xbz+8xctA=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=Z7ua9dh1/mhE/8/UWWDJUFf4usUBOTHxP4KZ4YKOkVWcKVJgNRyBtTIEJZJbr1y1kbyTr1Z1nDhtwdv0Vy/fvS4NdgOpFXWzlCIGatU4okx2DtQBu6buGSUndTCQyNiAhXKlnRn+yagtrC+Djh1Mubr86CNpg7osPrBmJ0XgAOo= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com; spf=pass smtp.mailfrom=gmail.com; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b=WvWhGL4c; arc=none smtp.client-ip=209.85.128.53 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=gmail.com Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.b="WvWhGL4c" Received: by mail-wm1-f53.google.com with SMTP id 5b1f17b1804b1-4903f7a90d1so35943355e9.2 for ; Tue, 26 May 2026 04:09:03 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20251104; t=1779793742; x=1780398542; darn=vger.kernel.org; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:from:to:cc:subject:date :message-id:reply-to; bh=spKmw6C/CWUs2h7LttH1c5jMAcdZbJ142k6ouAspZZU=; b=WvWhGL4c0pMrSicwbyxAiuAUf3rX2D0vzkc1Ho12wQMUK6WmmRh3dAYVE1wpt/0CVW v7VMkYfBGmupdJJa8iHngQxDNN1W3DR+aIBq2xLE2lriQX/SQYXCabPjp8m92JPI9cLx essan4WAD8RT5cp2YB3xTCQmCQkfruwF7SOhZ7kOja275sPbySs+DuidRprU8L9yjD6v 0m0A3Ey85pu/Svl8sLyE0B1gYsLoTGO2XtAleobWCthNHSladn6a3M35s1/kG/nfOEvw tOQnuuIvTg1fp2Qs9fL+LxQb6WJzYjodew40bBZbF7ljDKxu99wluWSU98zDpGaqrPF+ N1pQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20251104; t=1779793742; x=1780398542; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-gg:x-gm-message-state:from :to:cc:subject:date:message-id:reply-to; bh=spKmw6C/CWUs2h7LttH1c5jMAcdZbJ142k6ouAspZZU=; b=hDOaW6MuUmh56xfX8ic9MnsmS3Mkr6vFSPapWkYcACz4WIIjQ89q8ZuAq92HWBcviw FhVa2IxcUJha5hqfZee0oKlm2p/lFz5Kn1lEy2TVlNHASQiy2iMuslKmfiFBSYHSVw7v 17l4/vSff+fS4FK9zfcaoHJfQzIp1W3VQHx6+jJ8gjm6tOWDWEoUAd0iQtrlHyc08tKq 8FOp2VvG9KEUqlcK9iA3TqhXP8SwYSnHjN8s7v/L6a5M4EOWyH2gWDFU+/SInw9ZvGn1 NM58wt9iOzeulfrCvn38cRmt1wiWVjm4zcCnK2016kIpUWof0xWadJKaZWcql9Gn9J12 Z8jA== X-Gm-Message-State: AOJu0YzPq3cOLI17ZFJPVh50UiYr/96iaDueB8S3U/RABLJHr/NCdEZ1 9wWeiiyWPNaGwipCVQ1KENfDjLHO4HQrhLDVgtkQPB7iBYU8ODx/BncR X-Gm-Gg: Acq92OEdec8C2pRbQh9GdtO1reJY0I5tGvxONZJxk2HnPNmmzkyCjTCnTCRbjgIfAdp tllJIk4+HZOjglpyaNJ6xk3yGV11O3TdhK7eGbFG3oQBtSal9mGG81kjdXTxWQVJsM20HgVWTuo At72t6T8t0kjR4B5dq3r9NaJqLeMkc99eaR0tqvkO+F2Q1h52aK+N3OXFDMu98VheYRYSSAUNLn L9qjAbL9sDcN4lzZ1HRoHhX4FtAhdoe6ej/V9zN2kJUMlziYSx+N6BrQH5DiP+gDvr/9q+xQ77Z EZiFMKNMUmQSa9ZqwOguwlAQ/dMqInt6tOF2/4gfyjxKTw+OG5ylIRKDMGOD07gtGz6ZY/EUIxT tv94viSD4hWtNOv8RRQ4LhBspVfzIyRbSBL0KwnbubxyOCTrSbipHPlz2sbSEFKNWtcRxRcE/9q 7fCrXJjVfV/oBJCyIrws1jF4J/F+l1IQ2YdysNnh/pAPucS3g4esolEmwKLedpa8l8nS1jEHGYZ n8eWN7kC0zAn/o4wl46tSpHfVA9Cg== X-Received: by 2002:a05:600c:698d:b0:490:601f:d77b with SMTP id 5b1f17b1804b1-490601fd94amr185023605e9.0.1779793741571; Tue, 26 May 2026 04:09:01 -0700 (PDT) Received: from MiguelMartnGil.uab.cat (wifixm-si-gw.uab.cat. [158.109.94.91]) by smtp.gmail.com with ESMTPSA id 5b1f17b1804b1-49045282201sm354162835e9.8.2026.05.26.04.09.00 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 26 May 2026 04:09:01 -0700 (PDT) From: =?UTF-8?q?Miguel=20Mart=C3=ADn=20Gil?= To: linux-perf-users@vger.kernel.org Cc: linux-kernel@vger.kernel.org, peterz@infradead.org, mingo@redhat.com, acme@kernel.org, namhyung@kernel.org, =?UTF-8?q?Miguel=20Mart=C3=ADn=20Gil?= Subject: [PATCH 1/1] perf util: fix perf_exe() buffer write past end Date: Tue, 26 May 2026 13:08:52 +0200 Message-ID: <20260526110852.7259-2-miguel.martin.gil.uni@gmail.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: <20260526110852.7259-1-miguel.martin.gil.uni@gmail.com> References: <20260526110852.7259-1-miguel.martin.gil.uni@gmail.com> Precedence: bulk X-Mailing-List: linux-kernel@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable perf_exe() passes len to readlink() and then unconditionally writes a trail= ing NUL at buf[n]. If readlink() returns len, the write lands one byte past= the buffer. Read at most len - 1 bytes and keep the existing NUL termination. Also guar= d the fallback path for tiny buffers so copying "perf" cannot overflow. Signed-off-by: Miguel Mart=C3=ADn Gil Reviewed-by: Ian Rogers --- tools/perf/util/util.c | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/tools/perf/util/util.c b/tools/perf/util/util.c index 25849434f0a4..2c2a5c449ffd 100644 --- a/tools/perf/util/util.c +++ b/tools/perf/util/util.c @@ -419,11 +419,21 @@ int perf_tip(char **strp, const char *dirpath) =20 char *perf_exe(char *buf, int len) { - int n =3D readlink("/proc/self/exe", buf, len); + int n; + + if (len <=3D 0) + return buf; + + n =3D readlink("/proc/self/exe", buf, len - 1); if (n > 0) { buf[n] =3D 0; return buf; } + if (len < (int)sizeof("perf")) { + buf[0] =3D '\0'; + return buf; + } + return strcpy(buf, "perf"); } =20 --=20 2.43.0