Commit e77a6817 authored by Linus Torvalds's avatar Linus Torvalds
Browse files

Merge tag 'trace-v5.11-rc7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace 

Pull tracing fix from Steven Rostedt:
 "Fix buffer overflow in trace event filter.

  It was reported that if an trace event was larger than a page and was
  filtered, that it caused memory corruption. The reason is that
  filtered events first go into a buffer to test the filter before being
  written into the ring buffer. Unfortunately, this write did not check
  the size"

* tag 'trace-v5.11-rc7-2' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  tracing: Check length before giving out the filter buffer
parents 2dbbaae5 b220c049

kernel/trace/trace.c

+1 −1
Original line number Diff line number Diff line
@@ -2745,7 +2745,7 @@ trace_event_buffer_lock_reserve(struct trace_buffer **current_rb, 
	    (entry = this_cpu_read(trace_buffered_event))) {

		/* Try to use the per cpu buffer first */

		val = this_cpu_inc_return(trace_buffered_event_cnt);

		if (val == 1) {

		if ((len < (PAGE_SIZE - sizeof(*entry))) && val == 1) {

			trace_event_setup(entry, type, flags, pc);

			entry->array[0] = len;

			return entry;