+ /* Check for overflow when calculating sizeof_sym_hist */
+ if (size > (SIZE_MAX / sizeof(u64)))
+ return -1;
How does it guarantee that the end result which is used in zalloc below
would not overflow?
+
+ sizeof_sym_hist = (sizeof(struct sym_hist) + size *
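Review bot: the guard `size > (SIZE_MAX / sizeof(u64))` bounds only the product `size * sizeof(u64)`, so the `sizeof(struct sym_hist) +` term in the assignment right after it can still wrap when size sits at or just under that limit. Tightening the test to `size > (SIZE_MAX - sizeof(struct sym_hist)) / sizeof(u64)` covers the sum as well. If sizeof_sym_hist is scaled again before it reaches the zalloc that the reply mentions, that step needs its own bound, since nothing in these lines constrains it.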
Hi, Cody
On Thu, 19 Jul 2012 17:13:35 -0700, Cody Schafer wrote:
> A large enough symbol size causes an overflow in the size parameter to the
> histogram allocation, leading to a segfault in symbol__inc_addr_samples later
> on when this histogram is accessed.
>
> In the case of being called via
A large enough symbol size causes an overflow in the size parameter to the
histogram allocation, leading to a segfault in symbol__inc_addr_samples later
on when this histogram is accessed.
In the case of being called via perf-report, this returns back and
gracefully ignores the sample, eventually