perf expr: Prevent normalize() from reading into undefined memory in the expression lexer
The current implementation does not account for a trailing backslash followed by a null-byte. If a null-byte is encountered following a backslash, normalize() will continue reading (and potentially writing) into garbage memory ignoring the EOS null-byte. Signed-off-by: Sohom Datta <sohomdatta1+git@gmail.com> Acked-by: Ian Rogers <irogers@google.com> Acked-by: Jiri Olsa <jolsa@kernel.org> Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Namhyung Kim <namhyung@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Link: https://lore.kernel.org/r/20221204105836.1012885-1-sohomdatta1+git@gmail.com Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
This commit is contained in:
parent
c905ecfbb8
commit
85c4491396
@ -42,8 +42,11 @@ static char *normalize(char *str, int runtime)
|
||||
char *dst = str;
|
||||
|
||||
while (*str) {
|
||||
if (*str == '\\')
|
||||
if (*str == '\\') {
|
||||
*dst++ = *++str;
|
||||
if (!*str)
|
||||
break;
|
||||
}
|
||||
else if (*str == '?') {
|
||||
char *paramval;
|
||||
int i = 0;
|
||||
|
Loading…
Reference in New Issue
Block a user