From eac9eacee1602710dda47c517ad0b61ac6f429bf Mon Sep 17 00:00:00 2001 From: Frederic Weisbecker Date: Sat, 21 May 2011 17:07:24 +0200 Subject: perf tools: Check we are able to read the event size on mmap Check we have enough mmaped space to read the current event size from its headers, otherwise we may dereference some hell there. Signed-off-by: Frederic Weisbecker Cc: Ingo Molnar Cc: Peter Zijlstra Cc: Arnaldo Carvalho de Melo Cc: Stephane Eranian --- tools/perf/util/session.c | 7 +++++++ 1 file changed, 7 insertions(+) (limited to 'tools/perf/util') diff --git a/tools/perf/util/session.c b/tools/perf/util/session.c index fff66741f18d..61746b5866d8 100644 --- a/tools/perf/util/session.c +++ b/tools/perf/util/session.c @@ -1007,6 +1007,13 @@ remap: file_pos = file_offset + head; more: + /* + * Ensure we have enough space remaining to read + * the size of the event in the headers. + */ + if (head + sizeof(event->header) > mmap_size) + goto remap; + event = (union perf_event *)(buf + head); if (session->header.needs_swap) -- cgit v1.2.3