tracing: Use trace_seq_used() and seq_buf_used() instead of len

As the seq_buf->len will soon be +1 size when there's an overflow, we must use trace_seq_used() or seq_buf_used() methods to get the real length. This will prevent buffer overflow issues if just the len of the seq_buf descriptor is used to copy memory. Link: http://lkml.kernel.org/r/20141114121911.09ba3d38@gandalf.local.home Reported-by: Petr Mladek <pmladek@suse.cz> Signed-off-by: Steven Rostedt <rostedt@goodmis.org>
author: Steven Rostedt (Red Hat) <rostedt@goodmis.org> 2014-11-14 15:49:41 -0500
committer: Steven Rostedt <rostedt@goodmis.org> 2014-11-19 22:01:15 -0500
commit: 5ac48378414dccca735897c4d7f4e19987c8977c (patch)
tree: 9cf5c11dddd8081327d7e7f8a68a9e47613adcfa /kernel/trace/trace_functions_graph.c
parent: 74f06bb72347302a19aac087314388ebd0e4fee9 (diff)
download: linux-5ac48378414dccca735897c4d7f4e19987c8977c.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/kernel/trace/trace_functions_graph.c b/kernel/trace/trace_functions_graph.c
index 6d1342ae7a44..ec35468349a7 100644
--- a/kernel/trace/trace_functions_graph.c
+++ b/kernel/trace/trace_functions_graph.c
@@ -1153,6 +1153,9 @@ print_graph_comment(struct trace_seq *s, struct trace_entry *ent,
 			return ret;
 	}
 
+	if (trace_seq_has_overflowed(s))
+		goto out;
+
 	/* Strip ending newline */
 	if (s->buffer[s->seq.len - 1] == '\n') {
 		s->buffer[s->seq.len - 1] = '\0';
@@ -1160,7 +1163,7 @@ print_graph_comment(struct trace_seq *s, struct trace_entry *ent,
 	}
 
 	trace_seq_puts(s, " */\n");
-
+ out:
 	return trace_handle_return(s);
 }
author	Steven Rostedt (Red Hat) <rostedt@goodmis.org>	2014-11-14 15:49:41 -0500
committer	Steven Rostedt <rostedt@goodmis.org>	2014-11-19 22:01:15 -0500
commit	5ac48378414dccca735897c4d7f4e19987c8977c (patch)
tree	9cf5c11dddd8081327d7e7f8a68a9e47613adcfa /kernel/trace/trace_functions_graph.c
parent	74f06bb72347302a19aac087314388ebd0e4fee9 (diff)
download	linux-5ac48378414dccca735897c4d7f4e19987c8977c.tar.gz