Fix: memcpy of string is larger than source
author Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Tue, 9 Oct 2012 16:47:31 +0000 (12:47 -0400)
committer Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Tue, 9 Oct 2012 16:47:31 +0000 (12:47 -0400)
Hollis Blanchard <hollis_blanchard@mentor.com> wrote:
> I seem to have hit a little problem with a "hello world" test app and
> lttng-ust 2.0.3. lttng-ust.git seems to be affected as well. Basically,
> I created a single UST tracepoint, but as soon as I run "lttng
> enable-event -u -a", my app segfaults. The problem seems to be that when
> creating the event to pass to ltt_event_create(), we try to memcpy the
> full 256 bytes of name. However, the name might be shorter, and if we
> get unlucky it falls within 256 bytes of the segment boundary...

Fixing the 3 sites where this issue arises. Manually inspecting all
memcpy in the UST code returned by grep did the job.

Reported-by: Hollis Blanchard <hollis_blanchard@mentor.com>
Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
liblttng-ust/compat.h
liblttng-ust/ltt-events.c
liblttng-ust/ltt-probes.c

index 4d4a4368fa8bc7f716953821246007e20061c1b5..43b2223e43b84ad5c5dc373a8c327eb365fd32f4 100644 (file)
@@ -56,7 +56,7 @@ void lttng_ust_getprocname(char *name)
        if (!bsd_name)
                name[0] = '\0';
        else
-               memcpy(name, bsd_name, LTTNG_UST_PROCNAME_LEN - 1);
+               strncpy(name, bsd_name, LTTNG_UST_PROCNAME_LEN - 1);
 }
 
 #endif
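Review bot: the strncpy() in the else branch of lttng_ust_getprocname() copies at most LTTNG_UST_PROCNAME_LEN - 1 bytes and nothing writes a terminator afterwards, so when bsd_name is that long or longer, name is left unterminated unless the caller zeroed the buffer beforehand. The other two sites changed in this commit set the last byte explicitly after their strncpy(); assuming name points to a buffer of LTTNG_UST_PROCNAME_LEN bytes, adding name[LTTNG_UST_PROCNAME_LEN - 1] = '\0'; here would make the function safe without depending on the caller.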
index 32135c85c03e92e2e79557116abbc265157e3a67..7a7fd7efc07ba54b5baca467f3c82e6d0c23bf2c 100644 (file)
@@ -246,9 +246,10 @@ int pending_probe_fix_events(const struct lttng_event_desc *desc)
 
                                memcpy(&event_param, &sw->event_param,
                                                sizeof(event_param));
-                               memcpy(event_param.name,
+                               strncpy(event_param.name,
                                        desc->name,
                                        sizeof(event_param.name));
+                               event_param.name[sizeof(event_param.name) - 1] = '\0';
                                /* create event */
                                ret = ltt_event_create(sw->chan,
                                        &event_param, &ev);
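Review bot: in pending_probe_fix_events(), a desc->name that does not fit in event_param.name is now silently cut at sizeof(event_param.name) - 1 by the strncpy() and the forced terminator, and ltt_event_create() is then called with the shortened name. Consider comparing strlen(desc->name) against sizeof(event_param.name) before the copy and either skipping the event or emitting a warning, so that an overlong probe name is visible instead of producing an event under a different name.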
index d04ce2215a4e2db6b1765d328910565b30341ed7..aeb6db65224340a311ca320142b841800b9e9772 100644 (file)
@@ -390,9 +390,10 @@ void ltt_probes_create_wildcard_events(struct wildcard_entry *entry,
 
                                memcpy(&event_param, &wildcard->event_param,
                                                sizeof(event_param));
-                               memcpy(event_param.name,
+                               strncpy(event_param.name,
                                        event_desc->name,
                                        sizeof(event_param.name));
+                               event_param.name[sizeof(event_param.name) - 1] = '\0';
                                /* create event */
                                ret = ltt_event_create(wildcard->chan,
                                        &event_param, &ev);
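Review bot: the strncpy() into event_param.name followed by the explicit terminator in ltt_probes_create_wildcard_events() is the same statement pair as the one added in pending_probe_fix_events(), so the bounded-copy logic now lives in two places that have to be kept in sync. A small helper that takes the destination, its size and the source string, and is called from both sites, would keep the size argument and the terminator index from drifting apart in later edits.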