X-Git-Url: https://git.lttng.org/?a=blobdiff_plain;f=src%2Fcommon%2Factions%2Fsnapshot-session.c;h=8b23d58e70aafb81e09893e37c02dc8b6a3199c6;hb=44635d77b591f83a80d48cd93497bd1cd6aa788d;hp=667166770d30839c2ee13c066e70e1deb09223fb;hpb=9e620ea7b016fc3fd4e08b5d094ffa40b36b50f6;p=lttng-tools.git

diff --git a/src/common/actions/snapshot-session.c b/src/common/actions/snapshot-session.c
index 667166770..8b23d58e7 100644
--- a/src/common/actions/snapshot-session.c
+++ b/src/common/actions/snapshot-session.c
@@ -19,7 +19,7 @@
 #include <inttypes.h>
 
 #define IS_SNAPSHOT_SESSION_ACTION(action) \
-	(lttng_action_get_type_const(action) == LTTNG_ACTION_TYPE_SNAPSHOT_SESSION)
+	(lttng_action_get_type(action) == LTTNG_ACTION_TYPE_SNAPSHOT_SESSION)
 
 struct lttng_action_snapshot_session {
 	struct lttng_action parent;
@@ -141,7 +141,6 @@ static int lttng_action_snapshot_session_serialize(
 	assert(payload);
 
 	size_before_comm = payload->buffer.size;
-	size_before_comm = size_before_comm + sizeof(comm);
 
 	action_snapshot_session = action_snapshot_session_from_action(action);
 	comm.session_name_len =
@@ -212,18 +211,26 @@ ssize_t lttng_action_snapshot_session_create_from_payload(
 		struct lttng_action **p_action)
 {
 	ssize_t consumed_len;
-	const struct lttng_action_snapshot_session_comm *comm;
 	const char *variable_data;
 	struct lttng_action *action;
 	enum lttng_action_status status;
 	struct lttng_snapshot_output *snapshot_output = NULL;
+	const struct lttng_action_snapshot_session_comm *comm;
+	const struct lttng_payload_view snapshot_session_comm_view =
+			lttng_payload_view_from_view(
+				view, 0, sizeof(*comm));
 
 	action = lttng_action_snapshot_session_create();
 	if (!action) {
 		goto error;
 	}
 
-	comm = (typeof(comm)) view->buffer.data;
+	if (!lttng_payload_view_is_valid(&snapshot_session_comm_view)) {
+		/* Payload not large enough to contain the header. */
+		goto error;
+	}
+
+	comm = (typeof(comm)) snapshot_session_comm_view.buffer.data;
 	variable_data = (const char *) &comm->data;
 
 	consumed_len = sizeof(struct lttng_action_snapshot_session_comm);
@@ -250,7 +257,7 @@ ssize_t lttng_action_snapshot_session_create_from_payload(
 			lttng_payload_view_from_view(view, consumed_len,
 				comm->snapshot_output_len);
 
-		if (!snapshot_output_buffer_view.buffer.data) {
+		if (!lttng_payload_view_is_valid(&snapshot_output_buffer_view)) {
 			ERR("Failed to create buffer view for snapshot output.");
 			goto error;
 		}