Fix: conversion from KB to bytes overflow on arm32

[lttng-tools.git] / src / lib / lttng-ctl / lttng-ctl.cpp

diff --git a/src/lib/lttng-ctl/lttng-ctl.cpp b/src/lib/lttng-ctl/lttng-ctl.cpp
index 3622987183c5db8c4bdf8e0f48b70b7bd63b5366..1743e7546c1071713aff10d9f10c73ad30ee955a 100644 (file)
--- a/src/lib/lttng-ctl/lttng-ctl.cpp
+++ b/src/lib/lttng-ctl/lttng-ctl.cpp
@@ -3,7 +3,7 @@
  *
  * Linux Trace Toolkit Control Library
  *
- * Copyright (C) 2011 David Goulet <david.goulet@polymtl.ca>
+ * Copyright (C) 2011 EfficiOS Inc.
  * Copyright (C) 2016 Jérémie Galarneau <jeremie.galarneau@efficios.com>
  *
  * SPDX-License-Identifier: LGPL-2.1-only
@@ -14,6 +14,7 @@
 #include <grp.h>
 #include <stdio.h>
 #include <stdlib.h>
+#include <stdint.h>
 #include <string.h>
 #include <unistd.h>
 
@@ -47,7 +48,7 @@
 
 #include "lttng-ctl-helper.h"
 #include <common/filter/filter-ast.h>
-#include <common/filter/filter-parser.h>
+#include <common/filter/filter-parser.hpp>
 #include <common/filter/memstream.h>
 
 #define COPY_DOMAIN_PACKED(dst, src)                           \
@@ -290,12 +291,14 @@ end:
        return ret;
 }
 
-static int check_enough_available_memory(size_t num_bytes_requested_per_cpu)
+static enum lttng_error_code check_enough_available_memory(
+               uint64_t num_bytes_requested_per_cpu)
 {
        int ret;
+       enum lttng_error_code ret_code;
        long num_cpu;
-       size_t best_mem_info;
-       size_t num_bytes_requested_total;
+       uint64_t best_mem_info;
+       uint64_t num_bytes_requested_total;
 
        /*
         * Get the number of CPU currently online to compute the amount of
@@ -303,10 +306,18 @@ static int check_enough_available_memory(size_t num_bytes_requested_per_cpu)
         */
        num_cpu = sysconf(_SC_NPROCESSORS_ONLN);
        if (num_cpu == -1) {
-               goto error;
+               ret_code = LTTNG_ERR_FATAL;
+               goto end;
+       }
+
+       if (num_bytes_requested_per_cpu > UINT64_MAX / (uint64_t) num_cpu) {
+               /* Overflow */
+               ret_code = LTTNG_ERR_OVERFLOW;
+               goto end;
        }
 
-       num_bytes_requested_total = num_bytes_requested_per_cpu * num_cpu;
+       num_bytes_requested_total =
+                       num_bytes_requested_per_cpu * (uint64_t) num_cpu;
 
        /*
         * Try to get the `MemAvail` field of `/proc/meminfo`. This is the most
@@ -328,10 +339,18 @@ static int check_enough_available_memory(size_t num_bytes_requested_per_cpu)
                goto success;
        }
 
-error:
-       return -1;
+       /* No valid source of information. */
+       ret_code = LTTNG_ERR_NOMEM;
+       goto end;
+
 success:
-       return best_mem_info >= num_bytes_requested_total;
+       if (best_mem_info >= num_bytes_requested_total) {
+               ret_code = LTTNG_OK;
+       } else {
+               ret_code = LTTNG_ERR_NOMEM;
+       }
+end:
+       return ret_code;
 }
 
 /*
@@ -1580,9 +1599,10 @@ void lttng_channel_destroy(struct lttng_channel *channel)
 int lttng_enable_channel(struct lttng_handle *handle,
                struct lttng_channel *in_chan)
 {
+       enum lttng_error_code ret_code;
        int ret;
        struct lttcomm_session_msg lsm;
-       size_t total_buffer_size_needed_per_cpu = 0;
+       uint64_t total_buffer_size_needed_per_cpu = 0;
 
        /* NULL arguments are forbidden. No default values. */
        if (handle == NULL || in_chan == NULL) {
@@ -1622,10 +1642,20 @@ int lttng_enable_channel(struct lttng_handle *handle,
         * Verify that the amount of memory required to create the requested
         * buffer is available on the system at the moment.
         */
+       if (lsm.u.channel.chan.attr.num_subbuf >
+                       UINT64_MAX / lsm.u.channel.chan.attr.subbuf_size) {
+               /* Overflow */
+               ret = -LTTNG_ERR_OVERFLOW;
+               goto end;
+       }
+
        total_buffer_size_needed_per_cpu = lsm.u.channel.chan.attr.num_subbuf *
                lsm.u.channel.chan.attr.subbuf_size;
-       if (!check_enough_available_memory(total_buffer_size_needed_per_cpu)) {
-               return -LTTNG_ERR_NOMEM;
+       ret_code = check_enough_available_memory(
+                       total_buffer_size_needed_per_cpu);
+       if (ret_code != LTTNG_OK) {
+               ret = -ret_code;
+               goto end;
        }
 
        lsm.cmd_type = LTTNG_ENABLE_CHANNEL;
@@ -1769,10 +1799,14 @@ int lttng_list_syscalls(struct lttng_event **events)
 
 /*
  * Returns a human readable string describing
- * the error code (a negative value).
+ * the error code (positive or negative value).
  */
 const char *lttng_strerror(int code)
 {
+       if (code > 0) {
+               code = -code;
+       }
+
        return error_get_str(code);
 }
 
@@ -2098,6 +2132,12 @@ int lttng_list_sessions(struct lttng_session **out_sessions)
 
        memset(&lsm, 0, sizeof(lsm));
        lsm.cmd_type = LTTNG_LIST_SESSIONS;
+       /*
+        * Initialize out_sessions to NULL so it is initialized when
+        * lttng_list_sessions returns 0, thus allowing *out_sessions to
+        * be subsequently freed.
+        */
+       *out_sessions = NULL;
        ret = lttng_ctl_ask_sessiond(&lsm, (void**) &sessions);
        if (ret <= 0) {
                goto end;
@@ -2110,7 +2150,6 @@ int lttng_list_sessions(struct lttng_session **out_sessions)
        if (ret % session_size) {
                ret = -LTTNG_ERR_UNK;
                free(sessions);
-               *out_sessions = NULL;
                goto end;
        }
        session_count = (size_t) ret / session_size;