Skip to content

Commit

Permalink
Fix dt_tp_event_info() not to overrun buffer
Browse files Browse the repository at this point in the history 
The parsing code is not resetting p to the beginning of the buffer
and can therefore cause buffer overruns.

Signed-off-by: Eugene Loh <eugene.loh@oracle.com>
Reviewed-by: Kris Van Hees <kris.van.hees@oracle.com>
  • Loading branch information
@euloh @kvanhees
euloh authored and kvanhees committed Jan 26, 2024
1 parent d30e20d commit a20cc60
Showing 1 changed file with 2 additions and 1 deletion.
3 changes: 2 additions & 1 deletion libdtrace/dt_provider_tp.c
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
/*
* Oracle Linux DTrace.
* Copyright (c) 2021, 2023, Oracle and/or its affiliates. All rights reserved.
* Copyright (c) 2021, 2024, Oracle and/or its affiliates. All rights reserved.
* Licensed under the Universal Permissive License v 1.0 as shown at
* http://oss.oracle.com/licenses/upl.
*
Expand Down Expand Up @@ -196,6 +196,7 @@ dt_tp_event_info(dtrace_hdl_t *dtp, FILE *f, int skip, tp_probe_t *tpp,
if (p != NULL)
size = strtol(p + 5, NULL, 10);

p = buf;
if (sscanf(buf, " field:%[^;]", p) <= 0)
continue;
sscanf(p, "__data_loc %[^;]", p);
Expand Down

0 comments on commit a20cc60

Please sign in to comment.