I'm seeing a build failure when building with address sanitizer. It seems
we could write to the name[100] if the var is longer.
$ make EXTRA_CFLAGS=-fsanitize=address
...
CC builtin-daemon.o
In function ‘get_session_name’,
inlined from ‘session_config’ at builtin-daemon.c:164:6,
inlined from ‘server_config’ at builtin-daemon.c:223:10:
builtin-daemon.c:155:11: error: writing 1 byte into a region of size 0 [-Werror=stringop-overflow=]
155 | *session = 0;
| ~~~~~~~~~^~~
builtin-daemon.c: In function ‘server_config’:
builtin-daemon.c:162:7: note: at offset 100 to object ‘name’ with size 100 declared here
162 | char name[100];
| ^~~~
Fixes: c0666261ff38 ("perf daemon: Add config file support")
Signed-off-by: Namhyung Kim <namhyung@kernel.org>
Acked-by: Jiri Olsa <jolsa@redhat.com>
Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com>
Cc: Ian Rogers <irogers@google.com>
Cc: Ingo Molnar <mingo@kernel.org>
Cc: Mark Rutland <mark.rutland@arm.com>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Stephane Eranian <eranian@google.com>
Link: https://lore.kernel.org/r/20210224071438.686677-1-namhyung@kernel.org
Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com>
struct daemon_session *session;
char name[100];
- if (get_session_name(var, name, sizeof(name)))
+ if (get_session_name(var, name, sizeof(name) - 1))
return -EINVAL;
var = strchr(var, '.');
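Review bot: The `- 1` on the `get_session_name(var, name, sizeof(name) - 1)` call works around an off-by-one that sits in get_session_name() itself. Per the warning quoted in the commit message, its terminating `*session = 0;` (builtin-daemon.c:155) lands at offset 100 of `name[100]` when it is passed `sizeof(name)`, so the helper evidently treats its length argument as excluding the NUL terminator. Consider moving the fix into the helper so it reserves the terminator byte within the length it is given, or at least documenting that the length excludes the terminator; otherwise any later caller that passes `sizeof(buf)` reintroduces the same one-byte overflow. A short comment at this call site explaining why `sizeof(name) - 1` is passed would also help.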