Fix: honor "user" attribute for array/sequence of user integers

The macro _lttng_kernel_static_type_integer_from_type() should map to
_lttng_kernel_static_type_integer() to pass the "_user" attribute.
Otherwise, userspace fields such as pipe2's system call fildes field (a
ctf_user_array()) can trigger NULL pointer exceptions and read arbitrary
kernel memory if the pipe2 system call receives a bogus pointer as input
while filtering/capture is accessing this field.

Signed-off-by: Mathieu Desnoyers <mathieu.desnoyers@efficios.com>
Change-Id: I44276d751b822f214804184d1ce4d9b10b47d89d

diff --git a/include/lttng/events.h b/include/lttng/events.h
index e5237bb0776611674a05d6a17e12aa4d7889a41d..ee2552ba8f2ccc97c320d8414f6c04177d96213c 100644 (file)
--- a/include/lttng/events.h
+++ b/include/lttng/events.h
@@ -163,11 +163,10 @@ struct lttng_kernel_event_field {
        _lttng_kernel_static_type_integer(_size, _alignment, _signedness, _byte_order, 1, _base)
 
 #define _lttng_kernel_static_type_integer_from_type(_type, _byte_order, _user, _base)                  \
-       lttng_kernel_static_type_integer(sizeof(_type) * CHAR_BIT,                                      \
+       _lttng_kernel_static_type_integer(sizeof(_type) * CHAR_BIT,                                     \
                        lttng_alignof(_type) * CHAR_BIT,                                                \
                        lttng_is_signed_type(_type),                                                    \
-                       _byte_order,                                                                    \
-                       _base)
+                       _byte_order, _user, _base)
 
 #define lttng_kernel_static_type_integer_from_type(_type, _byte_order, _base)                          \
        _lttng_kernel_static_type_integer_from_type(_type, _byte_order, 0, _base)