From: Tony Jones <tonyj@suse.de>
Subject: [PATCH] tools lib traceevent: Fix buffer overflow in arg_eval
Date: Wed Feb 27 16:08:47 2019 -0800
Git-commit: 7c5b019e3a638a5a290b0ec020f6ca83d2ec2aaa
Patch-mainline: v5.1-rc1
References: bsc#1122179
Signed-off-by: Tony Jones <tonyj@suse.de>
X-Info: adjust missing tep_/TEP_ name prefix patches (no 5647f94b90f6, no 1e97216f2033)
Fix buffer overflow observed when running perf test.
The overflow is when trying to evaluate "1ULL << (64 - 1)" which
is resulting in -9223372036854775808 which overflows the 20 character
buffer.
If is possible this bug has been reported before but I still don't
see any fix checked in:
See: https://www.spinics.net/lists/linux-perf-users/msg07714.html
Signed-off-by: Tony Jones <tonyj@suse.de>
diff --git a/tools/lib/traceevent/event-parse.c b/tools/lib/traceevent/event-parse.c
index abd4fa5d3088..87494c7c619d 100644
--- a/tools/lib/traceevent/event-parse.c
+++ b/tools/lib/traceevent/event-parse.c
@@ -2457,7 +2457,7 @@ static int arg_num_eval(struct print_arg *arg, long long *val)
static char *arg_eval (struct print_arg *arg)
{
long long val;
- static char buf[20];
+ static char buf[24];
switch (arg->type) {
case PRINT_ATOM: