From 531be721f74add51145d8d5c512d7c33366ad890 Mon Sep 17 00:00:00 2001 From: Francis Deslauriers Date: Fri, 17 Jan 2020 15:09:21 -0500 Subject: [PATCH] Fix: lttng: sanity check of `--probe` description MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit Issue ===== Run the following command: lttng enable-event -k --probe "\do_fork" my_do_fork_event currently fails and that is expected. But it does not fail for the right reason. In the `parse_probe_opts()` function, during the last step of parsing the probe description we assume it's a raw address and pass the string directly to the `strtoul()` function. So if the probe description is not an address at all (e.g. "\do_fork"), the `strtoul()` call will return 0 in the `addr` field of the probe struct. This is then passed to the kernel tracer that asks the kernel to instrument that address with a kprobe. This fails because 0x0 is not an address that can be instrumented. Solution ======== Check that the first character of the tentative address is a digit before trying to convert the string to an integer. This is not perfect but at least it prevents some errors. Signed-off-by: Francis Deslauriers Change-Id: I444f0e7694098b1cdb56ecbf5d92be8974e406dc Signed-off-by: Jérémie Galarneau --- src/bin/lttng/commands/enable_events.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/bin/lttng/commands/enable_events.c b/src/bin/lttng/commands/enable_events.c index 84bcb2081..f6bae4874 100644 --- a/src/bin/lttng/commands/enable_events.c +++ b/src/bin/lttng/commands/enable_events.c @@ -160,8 +160,13 @@ static int parse_probe_opts(struct lttng_event *ev, char *opt) /* Check for address */ match = sscanf(opt, "%" S_HEX_LEN_SCANF_IS_A_BROKEN_API "s", s_hex); if (match > 0) { - if (*s_hex == '\0') { - ERR("Invalid probe address %s", s_hex); + /* + * Return an error if the first character of the tentative + * address is NULL or not a digit. It can be "0" if the address + * is in hexadecimal and can be 1 to 9 if it's in decimal. + */ + if (*s_hex == '\0' || !isdigit(*s_hex)) { + ERR("Invalid probe description %s", s_hex); ret = CMD_ERROR; goto end; } -- 2.34.1