X-Git-Url: https://git.lttng.org/?p=lttng-tools.git;a=blobdiff_plain;f=src%2Fcommon%2Ftrigger.c;h=785fce3fcf0271e66a3d11a2777905dba3bd04fc;hp=26997fd1f21da68796f6a45e8d25633c8ed6d398;hb=3e6e0df2f8f9f23d252c2508b6d741916dfcc4b3;hpb=8a82be4c62d09a7ef4792c0eed7c7903dfac8424;ds=sidebyside

diff --git a/src/common/trigger.c b/src/common/trigger.c
index 26997fd1f..785fce3fc 100644
--- a/src/common/trigger.c
+++ b/src/common/trigger.c
@@ -140,14 +140,23 @@ ssize_t lttng_trigger_create_from_payload(
 		.uid = LTTNG_OPTIONAL_INIT_UNSET,
 		.gid = LTTNG_OPTIONAL_INIT_UNSET,
 	};
+	const struct lttng_payload_view trigger_comm_view =
+			lttng_payload_view_from_view(
+					src_view, 0, sizeof(*trigger_comm));
 
 	if (!src_view || !trigger) {
 		ret = -1;
 		goto end;
 	}
 
+	if (!lttng_payload_view_is_valid(&trigger_comm_view)) {
+		/* Payload not large enough to contain the header. */
+		ret = -1;
+		goto end;
+	}
+
 	/* lttng_trigger_comm header */
-	trigger_comm = (typeof(trigger_comm)) src_view->buffer.data;
+	trigger_comm = (typeof(trigger_comm)) trigger_comm_view.buffer.data;
 
 	/* Set the trigger's creds. */
 	if (trigger_comm->uid > (uint64_t) ((uid_t) -1)) {
@@ -164,7 +173,13 @@ ssize_t lttng_trigger_create_from_payload(
 		/* Name. */
 		const struct lttng_payload_view name_view =
 				lttng_payload_view_from_view(
-						src_view, offset, trigger_comm->name_length);
+						src_view, offset,
+						trigger_comm->name_length);
+
+		if (!lttng_payload_view_is_valid(&name_view)) {
+			ret = -1;
+			goto end;
+		}
 
 		name = name_view.buffer.data;
 		if (!lttng_buffer_view_contains_string(&name_view.buffer, name,