diff options
| author | Steven Rostedt <srostedt@redhat.com> | 2010-05-25 09:27:37 -0400 |
|---|---|---|
| committer | Steven Rostedt <rostedt@goodmis.org> | 2010-05-25 09:27:37 -0400 |
| commit | 0a346bad14855356892142f6f2a683f63827a757 (patch) | |
| tree | 23fe246b8de5ed599ac7516ca8a15dd0980ed63e | |
| parent | 3c570c713da86adc56d655865b29da47a12c6005 (diff) | |
parse-events: Fix segfault of print array processing
The reading of an element in an array assumed the arg was a field
type event though the arg could have been of a dynamic array type.
This caused a Seg fault when processing dynamic arrays.
Reported-by: Johannes Berg <johannes@sipsolutions.net>
Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
| -rw-r--r-- | parse-events.c | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/parse-events.c b/parse-events.c index 0f7b1f1..91d6788 100644 --- a/parse-events.c +++ b/parse-events.c | |||
| @@ -2839,6 +2839,7 @@ eval_num_arg(void *data, int size, struct event_format *event, struct print_arg | |||
| 2839 | struct print_arg *typearg = NULL; | 2839 | struct print_arg *typearg = NULL; |
| 2840 | struct print_arg *larg; | 2840 | struct print_arg *larg; |
| 2841 | unsigned long offset; | 2841 | unsigned long offset; |
| 2842 | unsigned int field_size; | ||
| 2842 | 2843 | ||
| 2843 | switch (arg->type) { | 2844 | switch (arg->type) { |
| 2844 | case PRINT_NULL: | 2845 | case PRINT_NULL: |
| @@ -2885,6 +2886,9 @@ eval_num_arg(void *data, int size, struct event_format *event, struct print_arg | |||
| 2885 | larg = larg->typecast.item; | 2886 | larg = larg->typecast.item; |
| 2886 | } | 2887 | } |
| 2887 | 2888 | ||
| 2889 | /* Default to long size */ | ||
| 2890 | field_size = pevent->long_size; | ||
| 2891 | |||
| 2888 | switch (larg->type) { | 2892 | switch (larg->type) { |
| 2889 | case PRINT_DYNAMIC_ARRAY: | 2893 | case PRINT_DYNAMIC_ARRAY: |
| 2890 | offset = pevent_read_number(pevent, | 2894 | offset = pevent_read_number(pevent, |
| @@ -2905,6 +2909,7 @@ eval_num_arg(void *data, int size, struct event_format *event, struct print_arg | |||
| 2905 | if (!larg->field.field) | 2909 | if (!larg->field.field) |
| 2906 | die("field %s not found", larg->field.name); | 2910 | die("field %s not found", larg->field.name); |
| 2907 | } | 2911 | } |
| 2912 | field_size = larg->field.field->elementsize; | ||
| 2908 | offset = larg->field.field->offset + | 2913 | offset = larg->field.field->offset + |
| 2909 | right * larg->field.field->elementsize; | 2914 | right * larg->field.field->elementsize; |
| 2910 | break; | 2915 | break; |
| @@ -2912,7 +2917,7 @@ eval_num_arg(void *data, int size, struct event_format *event, struct print_arg | |||
| 2912 | goto default_op; /* oops, all bets off */ | 2917 | goto default_op; /* oops, all bets off */ |
| 2913 | } | 2918 | } |
| 2914 | val = pevent_read_number(pevent, | 2919 | val = pevent_read_number(pevent, |
| 2915 | data + offset, larg->field.field->elementsize); | 2920 | data + offset, field_size); |
| 2916 | if (typearg) | 2921 | if (typearg) |
| 2917 | val = eval_type(val, typearg, 1); | 2922 | val = eval_type(val, typearg, 1); |
| 2918 | break; | 2923 | break; |