From 22e06e682537193a426ef13e57c34d52c45c5581 Mon Sep 17 00:00:00 2001 From: Ian Rogers Date: Fri, 20 Jan 2023 10:58:28 -0800 Subject: [PATCH] perf buildid: Avoid copy of uninitialized memory build_id__init() only copies the buildid data up to size leaving the rest of the data array uninitialized. Copying the full array during synthesis means the written event contains uninitialized memory. Ensure the size is less that the buffer size and only copy the bytes that were initialized. This was detected by the Clang/LLVM memory sanitizer. v2. Avoids the potential for copying too much as suggested by Arnaldo. Suggested-by: Arnaldo Carvalho de Melo Signed-off-by: Ian Rogers Cc: Adrian Hunter Cc: Alexander Shishkin Cc: Ian Rogers Cc: Ingo Molnar Cc: Jiri Olsa Cc: Leo Yan Cc: Mark Rutland Cc: Namhyung Kim Cc: Nathan Chancellor Cc: Nick Desaulniers Cc: Peter Zijlstra Cc: Stephane Eranian Cc: Tom Rix Cc: llvm@lists.linux.dev Link: https://lore.kernel.org/r/20230120185828.43231-1-irogers@google.com Signed-off-by: Arnaldo Carvalho de Melo --- tools/perf/util/synthetic-events.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tools/perf/util/synthetic-events.c b/tools/perf/util/synthetic-events.c index 3ab6a92..9ab9308 100644 --- a/tools/perf/util/synthetic-events.c +++ b/tools/perf/util/synthetic-events.c @@ -2219,8 +2219,8 @@ int perf_event__synthesize_build_id(struct perf_tool *tool, struct dso *pos, u16 len = pos->long_name_len + 1; len = PERF_ALIGN(len, NAME_ALIGN); - memcpy(&ev.build_id.build_id, pos->bid.data, sizeof(pos->bid.data)); - ev.build_id.size = pos->bid.size; + ev.build_id.size = min(pos->bid.size, sizeof(pos->bid.data)); + memcpy(&ev.build_id.build_id, pos->bid.data, ev.build_id.size); ev.build_id.header.type = PERF_RECORD_HEADER_BUILD_ID; ev.build_id.header.misc = misc | PERF_RECORD_MISC_BUILD_ID_SIZE; ev.build_id.pid = machine->pid; -- 2.7.4