Hi Tom, On Wed, 30 Sep 2020 13:40:51 -0500 Tom Zanussi <zanu...@kernel.org> wrote:
> synth_field_size() returns either a positive size or an error (zero or > a negative value). However, the existing code assumes the only error > value is 0. It doesn't handle negative error codes, as it assigns > directly to field->size (a size_t; unsigned), thereby interpreting the > error code as a valid size instead. > > Do the test before assignment to field->size. This looks good to me. And I guess it is a kind of bugfix which should be backported? (doesn't this need a Fixes tag?) Reviewed-by: Masami Hiramatsu <mhira...@kernel.org> Thank you, > > [ axelrasmus...@google.com: changelog addition, first paragraph above ] > > Signed-off-by: Tom Zanussi <zanu...@kernel.org> > --- > kernel/trace/trace_events_synth.c | 6 ++++-- > 1 file changed, 4 insertions(+), 2 deletions(-) > > diff --git a/kernel/trace/trace_events_synth.c > b/kernel/trace/trace_events_synth.c > index a9cd7793f7ea..fa8a99828f41 100644 > --- a/kernel/trace/trace_events_synth.c > +++ b/kernel/trace/trace_events_synth.c > @@ -465,6 +465,7 @@ static struct synth_field *parse_synth_field(int argc, > const char **argv, > struct synth_field *field; > const char *prefix = NULL, *field_type = argv[0], *field_name, *array; > int len, ret = 0; > + ssize_t size; > > if (field_type[0] == ';') > field_type++; > @@ -520,11 +521,12 @@ static struct synth_field *parse_synth_field(int argc, > const char **argv, > field->type[len - 1] = '\0'; > } > > - field->size = synth_field_size(field->type); > - if (!field->size) { > + size = synth_field_size(field->type); > + if (size <= 0) { > ret = -EINVAL; > goto free; > } > + field->size = size; > > if (synth_field_is_string(field->type)) > field->is_string = true; > -- > 2.17.1 > -- Masami Hiramatsu <mhira...@kernel.org>