projects
/
lttng-tools.git
/ blobdiff
commit
grep
author
committer
pickaxe
?
search:
re
summary
|
shortlog
|
log
|
commit
|
commitdiff
|
tree
raw
|
inline
| side by side
Fix: unchecked buffer size for communication header
[lttng-tools.git]
/
src
/
common
/
kernel-probe.c
diff --git
a/src/common/kernel-probe.c
b/src/common/kernel-probe.c
index 9a84727cac09dee1644ea0186df607f07050eecc..27ca02c99d09ea03212bd7d1489221d17270f50c 100644
(file)
--- a/
src/common/kernel-probe.c
+++ b/
src/common/kernel-probe.c
@@
-433,20
+433,23
@@
ssize_t lttng_kernel_probe_location_create_from_payload(
struct lttng_payload_view *view,
struct lttng_kernel_probe_location **location)
{
struct lttng_payload_view *view,
struct lttng_kernel_probe_location **location)
{
- struct lttng_kernel_probe_location_comm *probe_location_comm;
enum lttng_kernel_probe_location_type type;
ssize_t consumed = 0;
ssize_t ret;
enum lttng_kernel_probe_location_type type;
ssize_t consumed = 0;
ssize_t ret;
+ const struct lttng_kernel_probe_location_comm *probe_location_comm;
+ const struct lttng_payload_view probe_location_comm_view =
+ lttng_payload_view_from_view(
+ view, 0, sizeof(*probe_location_comm));
assert(view);
assert(location);
assert(view);
assert(location);
- if (
view->buffer.size <= sizeof(*probe_location_comm
)) {
+ if (
!lttng_payload_view_is_valid(&probe_location_comm_view
)) {
ret = -LTTNG_ERR_INVALID;
goto end;
}
ret = -LTTNG_ERR_INVALID;
goto end;
}
- probe_location_comm = (typeof(probe_location_comm))
view->
buffer.data;
+ probe_location_comm = (typeof(probe_location_comm))
probe_location_comm_view.
buffer.data;
type = (enum lttng_kernel_probe_location_type) probe_location_comm->type;
consumed += sizeof(*probe_location_comm);
type = (enum lttng_kernel_probe_location_type) probe_location_comm->type;
consumed += sizeof(*probe_location_comm);
This page took
0.023116 seconds
and
4
git commands to generate.