X-Git-Url: https://git.lttng.org/?a=blobdiff_plain;f=libringbuffer%2Fring_buffer_backend.c;h=7d3a37809e73da27b25d43d8914ed285545075f7;hb=4db6ca96415350161cce90319d647f950cd8a62e;hp=e7a00144544a9d3e10b502cbdef0bececc990f5b;hpb=74d81a6cca2cd4a7718bba9368f382f9f2fbba84;p=lttng-ust.git

diff --git a/libringbuffer/ring_buffer_backend.c b/libringbuffer/ring_buffer_backend.c
index e7a00144..7d3a3780 100644
--- a/libringbuffer/ring_buffer_backend.c
+++ b/libringbuffer/ring_buffer_backend.c
@@ -234,6 +234,12 @@ int channel_backend_init(struct channel_backend *chanb,
 		return -EINVAL;
 	if (!num_subbuf || (num_subbuf & (num_subbuf - 1)))
 		return -EINVAL;
+	/*
+	 * Overwrite mode buffers require at least 2 subbuffers per
+	 * buffer.
+	 */
+	if (config->mode == RING_BUFFER_OVERWRITE && num_subbuf < 2)
+		return -EINVAL;
 
 	ret = subbuffer_id_check_index(config, num_subbuf);
 	if (ret)
@@ -381,8 +387,9 @@ size_t lib_ring_buffer_read(struct lttng_ust_lib_ring_buffer_backend *bufb, size
  * @dest : destination address
  * @len : destination's length
  *
- * return string's length
+ * Return string's length, or -EINVAL on error.
  * Should be protected by get_subbuf/put_subbuf.
+ * Destination length should be at least 1 to hold '\0'.
  */
 int lib_ring_buffer_read_cstr(struct lttng_ust_lib_ring_buffer_backend *bufb, size_t offset,
 			      void *dest, size_t len, struct lttng_ust_shm_handle *handle)
@@ -394,6 +401,8 @@ int lib_ring_buffer_read_cstr(struct lttng_ust_lib_ring_buffer_backend *bufb, si
 	struct lttng_ust_lib_ring_buffer_backend_pages_shmp *rpages;
 	unsigned long sb_bindex, id;
 
+	if (caa_unlikely(!len))
+		return -EINVAL;
 	offset &= chanb->buf_size - 1;
 	orig_offset = offset;
 	id = bufb->buf_rsb.id;
@@ -422,8 +431,9 @@ int lib_ring_buffer_read_cstr(struct lttng_ust_lib_ring_buffer_backend *bufb, si
  *
  * Return the address where a given offset is located (for read).
  * Should be used to get the current subbuffer header pointer. Given we know
- * it's never on a page boundary, it's safe to write directly to this address,
- * as long as the write is never bigger than a page size.
+ * it's never on a page boundary, it's safe to read/write directly
+ * from/to this address, as long as the read/write is never bigger than
+ * a page size.
  */
 void *lib_ring_buffer_read_offset_address(struct lttng_ust_lib_ring_buffer_backend *bufb,
 					  size_t offset,