tracing: Use trace_seq_used() and seq_buf_used() instead of len

As the seq_buf->len will soon be +1 size when there's an overflow, we must use trace_seq_used() or seq_buf_used() methods to get the real length. This will prevent buffer overflow issues if just the len of the seq_buf descriptor is used to copy memory. Link: http://lkml.kernel.org/r/20141114121911.09ba3d38@gandalf.local.home Reported-by: Petr Mladek <pmladek@suse.cz> Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
author: Steven Rostedt (Red Hat) <rostedt@goodmis.org> 2014-11-14 15:49:41 -0500
committer: Steven Rostedt <rostedt@goodmis.org> 2014-11-19 22:01:15 -0500
commit: 5ac48378414dccca735897c4d7f4e19987c8977c (patch)
tree: 9cf5c11dddd8081327d7e7f8a68a9e47613adcfa /kernel/trace/trace_functions_graph.c
parent: 74f06bb72347302a19aac087314388ebd0e4fee9 (diff)
1 files changed, 4 insertions, 1 deletions
diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c
index 6d1342ae7a44..ec35468349a7 100644
--- a/kernel/trace/trace_functions_graph.c
+++ b/kernel/trace/trace_functions_graph.c
@@ -1153,6 +1153,9 @@ print_graph_comment(struct trace_seq *s, struct trace_entry *ent,
                        return ret;
        }
+        if (trace_seq_has_overflowed(s))
+                goto out;
        /* Strip ending newline */
        if (s->buffer[s->seq.len - 1] == '\n') {
                s->buffer[s->seq.len - 1] = '\0';
@@ -1160,7 +1163,7 @@ print_graph_comment(struct trace_seq *s, struct trace_entry *ent,
        }
        trace_seq_puts(s, " */\n");
+ out:
        return trace_handle_return(s);
 }
author	Steven Rostedt (Red Hat) <rostedt@goodmis.org>	2014-11-14 15:49:41 -0500
committer	Steven Rostedt <rostedt@goodmis.org>	2014-11-19 22:01:15 -0500
commit	5ac48378414dccca735897c4d7f4e19987c8977c (patch)
tree	9cf5c11dddd8081327d7e7f8a68a9e47613adcfa /kernel/trace/trace_functions_graph.c
parent	74f06bb72347302a19aac087314388ebd0e4fee9 (diff)

diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c index 6d1342ae7a44..ec35468349a7 100644 --- a/kernel/trace/trace_functions_graph.c +++ b/kernel/trace/trace_functions_graph.c
@@ -1153,6 +1153,9 @@ print_graph_comment(struct trace_seq s, struct trace_entry ent,
1153	return ret;	1153	return ret;
1154	}	1154	}
1155		1155
		1156	if (trace_seq_has_overflowed(s))
		1157	goto out;
		1158
1156	/* Strip ending newline */	1159	/* Strip ending newline */
1157	if (s->buffer[s->seq.len - 1] == '\n') {	1160	if (s->buffer[s->seq.len - 1] == '\n') {
1158	s->buffer[s->seq.len - 1] = '\0';	1161	s->buffer[s->seq.len - 1] = '\0';
@@ -1160,7 +1163,7 @@ print_graph_comment(struct trace_seq s, struct trace_entry ent,
1160	}	1163	}
1161		1164
1162	trace_seq_puts(s, " */\n");	1165	trace_seq_puts(s, " */\n");
1163		1166	out:
1164	return trace_handle_return(s);	1167	return trace_handle_return(s);
1165	}	1168	}
1166		1169