diff options
author | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-10-10 22:09:44 +0200 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2018-10-10 22:09:44 +0200 |
commit | 588b593821b8dd6efe6b6850930b501fc3c94a13 (patch) | |
tree | 38a02c6baa701de0aa5b49171ee40aaab3f97503 /lib | |
parent | f7e59f3895ed47f5a5a8b19b001effc6dbdbad88 (diff) | |
parent | 62165600ae73ebd76e2d9b992b36360408d570d8 (diff) | |
download | linux-588b593821b8dd6efe6b6850930b501fc3c94a13.tar.bz2 |
Merge tag 'trace-v4.19-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace
Steven writes:
"vsprint fix:
It was reported that trace_printk() was not reporting properly
values that came after a dereference pointer.
trace_printk() utilizes vbin_printf() and bstr_printf() to keep the
overhead of tracing down. vbin_printf() does not do any conversions
and just stors the string format and the raw arguments into the
buffer. bstr_printf() is used to read the buffer and does the
conversions to complete the printf() output.
This can be troublesome with dereferenced pointers because the
reference may be different from the time vbin_printf() is called to
the time bstr_printf() is called. To fix this, a prior commit changed
vbin_printf() to convert dereferenced pointers into strings and load
the converted string into the buffer. But the change to bstr_printf()
had an off-by-one error and didn't account for the nul character at
the end of the string and this corrupted the rest of the values in
the format that came after a dereferenced pointer."
* tag 'trace-v4.19-rc5' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
vsprintf: Fix off-by-one bug in bstr_printf() processing dereferenced pointers
Diffstat (limited to 'lib')
-rw-r--r-- | lib/vsprintf.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/lib/vsprintf.c b/lib/vsprintf.c index d5b3a3f95c01..812e59e13fe6 100644 --- a/lib/vsprintf.c +++ b/lib/vsprintf.c @@ -2794,7 +2794,7 @@ int bstr_printf(char *buf, size_t size, const char *fmt, const u32 *bin_buf) copy = end - str; memcpy(str, args, copy); str += len; - args += len; + args += len + 1; } } if (process) |