summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFrederic Weisbecker <fweisbec@gmail.com>2011-05-21 17:07:24 +0200
committerFrederic Weisbecker <fweisbec@gmail.com>2011-05-22 03:12:13 +0200
commiteac9eacee1602710dda47c517ad0b61ac6f429bf (patch)
treeea59e724cec133e301cd73306e31362a1ddfe8f3
parentc5fc472171ec4f96d06d1ac039d88f9b89bb95db (diff)
perf tools: Check we are able to read the event size on mmap
Check we have enough mmaped space to read the current event size from its headers, otherwise we may dereference some hell there. Signed-off-by: Frederic Weisbecker <fweisbec@gmail.com> Cc: Ingo Molnar <mingo@elte.hu> Cc: Peter Zijlstra <a.p.zijlstra@chello.nl> Cc: Arnaldo Carvalho de Melo <acme@redhat.com> Cc: Stephane Eranian <eranian@google.com>
-rw-r--r--tools/perf/util/session.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c
index fff66741f18d..61746b5866d8 100644
--- a/tools/perf/util/session.c
+++ b/tools/perf/util/session.c
@@ -1007,6 +1007,13 @@ remap:
file_pos = file_offset + head;
more:
+ /*
+ * Ensure we have enough space remaining to read
+ * the size of the event in the headers.
+ */
+ if (head + sizeof(event->header) > mmap_size)
+ goto remap;
+
event = (union perf_event *)(buf + head);
if (session->header.needs_swap)