Hi Tom,
On Wed, 30 Sep 2020 13:40:51 -0500
Tom Zanussi <zanu...@kernel.org> wrote:
> synth_field_size() returns either a positive size or an error (zero or
> a negative value). However, the existing code assumes the only error
> value is 0. It doesn't handle negative error codes, as it assigns
> directly to field->size (a size_t; unsigned), thereby interpreting the
> error code as a valid size instead.
>
> Do the test before assignment to field->size.
This looks good to me. And I guess it is a kind of bugfix which should be
backported?
(doesn't this need a Fixes tag?)
Reviewed-by: Masami Hiramatsu <mhira...@kernel.org>
Thank you,
>
> [ axelrasmus...@google.com: changelog addition, first paragraph above ]
>
> Signed-off-by: Tom Zanussi <zanu...@kernel.org>
> ---
> kernel/trace/trace_events_synth.c | 6 ++++--
> 1 file changed, 4 insertions(+), 2 deletions(-)
>
> diff --git a/kernel/trace/trace_events_synth.c
> b/kernel/trace/trace_events_synth.c
> index a9cd7793f7ea..fa8a99828f41 100644
> --- a/kernel/trace/trace_events_synth.c
> +++ b/kernel/trace/trace_events_synth.c
> @@ -465,6 +465,7 @@ static struct synth_field *parse_synth_field(int argc,
> const char **argv,
> struct synth_field *field;
> const char *prefix = NULL, *field_type = argv[0], *field_name, *array;
> int len, ret = 0;
> + ssize_t size;
>
> if (field_type[0] == ';')
> field_type++;
> @@ -520,11 +521,12 @@ static struct synth_field *parse_synth_field(int argc,
> const char **argv,
> field->type[len - 1] = '\0';
> }
>
> - field->size = synth_field_size(field->type);
> - if (!field->size) {
> + size = synth_field_size(field->type);
> + if (size <= 0) {
> ret = -EINVAL;
> goto free;
> }
> + field->size = size;
>
> if (synth_field_is_string(field->type))
> field->is_string = true;
> --
> 2.17.1
>
--
Masami Hiramatsu <mhira...@kernel.org>
