On Wed, Feb 24, 2021 at 04:14:38PM +0900, Namhyung Kim wrote:
> I'm seeing a build failure when build with address sanitizer.
> It seems we could write to the name[100] if the var is longer.
>
> $ make EXTRA_CFLAGS=-fsanitize=address
> ...
> CC builtin-daemon.o
> In function ‘get_session_name’,
> inlined from ‘session_config’ at builtin-daemon.c:164:6,
> inlined from ‘server_config’ at builtin-daemon.c:223:10:
> builtin-daemon.c:155:11: error: writing 1 byte into a region of size 0
> [-Werror=stringop-overflow=]
> 155 | *session = 0;
> | ~~~~~~~~~^~~
> builtin-daemon.c: In function ‘server_config’:
> builtin-daemon.c:162:7: note: at offset 100 to object ‘name’ with size 100
> declared here
> 162 | char name[100];
> | ^~~~
>
> Fixes: c0666261ff38 ("perf daemon: Add config file support")
> Signed-off-by: Namhyung Kim <namhy...@kernel.org>
Acked-by: Jiri Olsa <jo...@redhat.com>
thanks,
jirka
> ---
> tools/perf/builtin-daemon.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/tools/perf/builtin-daemon.c b/tools/perf/builtin-daemon.c
> index 617feaf020f6..8f9fc61691da 100644
> --- a/tools/perf/builtin-daemon.c
> +++ b/tools/perf/builtin-daemon.c
> @@ -161,7 +161,7 @@ static int session_config(struct daemon *daemon, const
> char *var, const char *va
> struct daemon_session *session;
> char name[100];
>
> - if (get_session_name(var, name, sizeof(name)))
> + if (get_session_name(var, name, sizeof(name) - 1))
> return -EINVAL;
>
> var = strchr(var, '.');
> --
> 2.30.0.617.g56c4b15f3c-goog
>
