Fix: unchecked buffer size for communication header

[lttng-tools.git] / src / common / kernel-probe.c

diff --git a/src/common/kernel-probe.c b/src/common/kernel-probe.c
index 9a84727cac09dee1644ea0186df607f07050eecc..27ca02c99d09ea03212bd7d1489221d17270f50c 100644 (file)
--- a/src/common/kernel-probe.c
+++ b/src/common/kernel-probe.c
@@ -433,20 +433,23 @@ ssize_t lttng_kernel_probe_location_create_from_payload(
                struct lttng_payload_view *view,
                struct lttng_kernel_probe_location **location)
 {
-       struct lttng_kernel_probe_location_comm *probe_location_comm;
        enum lttng_kernel_probe_location_type type;
        ssize_t consumed = 0;
        ssize_t ret;
+       const struct lttng_kernel_probe_location_comm *probe_location_comm;
+       const struct lttng_payload_view probe_location_comm_view =
+                       lttng_payload_view_from_view(
+                                       view, 0, sizeof(*probe_location_comm));
 
        assert(view);
        assert(location);
 
-       if (view->buffer.size <= sizeof(*probe_location_comm)) {
+       if (!lttng_payload_view_is_valid(&probe_location_comm_view)) {
                ret = -LTTNG_ERR_INVALID;
                goto end;
        }
 
-       probe_location_comm = (typeof(probe_location_comm)) view->buffer.data;
+       probe_location_comm = (typeof(probe_location_comm)) probe_location_comm_view.buffer.data;
        type = (enum lttng_kernel_probe_location_type) probe_location_comm->type;
        consumed += sizeof(*probe_location_comm);