tracing/filters: NIL-terminate user input filter

Make sure messages from user space are NIL-terminated strings, otherwise we could dump random memory while reading filter file. Try this: # echo 'parent_comm ==' > events/sched/sched_process_fork/filter # cat events/sched/sched_process_fork/filter parent_comm == � Signed-off-by: Li Zefan <lizf@cn.fujitsu.com> Acked-by: Tom Zanussi <tzanussi@gmail.com> Acked-by: Frederic Weisbecker <fweisbec@gmail.com> Cc: Steven Rostedt <rostedt@goodmis.org> LKML-Reference: <49E04C32.6060508@cn.fujitsu.com> Signed-off-by: Ingo Molnar <mingo@elte.hu>
author: Li Zefan <lizf@cn.fujitsu.com> 2009-04-11 15:52:18 +0800
committer: Ingo Molnar <mingo@elte.hu> 2009-04-12 11:59:27 +0200
commit: 8433a40eb7f2c4883ad57f9900f63e4d59240eb7 (patch)
tree: 7fab36945d0266ca00a9a13c2061cc2a0a2ae5dc /kernel
parent: 0462b5664b2bda5a18fef7efb5bb32ce36590c1a (diff)
download: linux-8433a40eb7f2c4883ad57f9900f63e4d59240eb7.tar.gz
1 files changed, 2 insertions, 0 deletions
diff --git a/kernel/trace/trace_events.c b/kernel/trace/trace_events.c
index 64ec4d278ffb..054bc1802bcd 100644
--- a/kernel/trace/trace_events.c
+++ b/kernel/trace/trace_events.c
@@ -503,6 +503,7 @@ event_filter_write(struct file *filp, const char __user *ubuf, size_t cnt,
 
 	if (copy_from_user(&buf, ubuf, cnt))
 		return -EFAULT;
+	buf[cnt] = '\0';
 
 	pred = kzalloc(sizeof(*pred), GFP_KERNEL);
 	if (!pred)
@@ -569,6 +570,7 @@ subsystem_filter_write(struct file *filp, const char __user *ubuf, size_t cnt,
 
 	if (copy_from_user(&buf, ubuf, cnt))
 		return -EFAULT;
+	buf[cnt] = '\0';
 
 	pred = kzalloc(sizeof(*pred), GFP_KERNEL);
 	if (!pred)
author	Li Zefan <lizf@cn.fujitsu.com>	2009-04-11 15:52:18 +0800
committer	Ingo Molnar <mingo@elte.hu>	2009-04-12 11:59:27 +0200
commit	8433a40eb7f2c4883ad57f9900f63e4d59240eb7 (patch)
tree	7fab36945d0266ca00a9a13c2061cc2a0a2ae5dc /kernel
parent	0462b5664b2bda5a18fef7efb5bb32ce36590c1a (diff)
download	linux-8433a40eb7f2c4883ad57f9900f63e4d59240eb7.tar.gz