From 5ef79758eb474b7f658aa8ff50993d9f84913600 Mon Sep 17 00:00:00 2001 From: Mathieu Desnoyers Date: Wed, 26 Nov 2014 12:30:18 -0500 Subject: [PATCH] Fix: oom error check, realloc oom leak MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit print_exclusions can return a NULL pointer on OOM, should be checked. Also, realloc always need to store result in a different variable than its input in case it fails (and its returned pointer needs to be checked for NULL). Signed-off-by: Mathieu Desnoyers Signed-off-by: Jérémie Galarneau --- src/bin/lttng/commands/enable_events.c | 55 ++++++++++++++++++++++++-- 1 file changed, 51 insertions(+), 4 deletions(-) diff --git a/src/bin/lttng/commands/enable_events.c b/src/bin/lttng/commands/enable_events.c index 0b3443caa..c6a24ada5 100644 --- a/src/bin/lttng/commands/enable_events.c +++ b/src/bin/lttng/commands/enable_events.c @@ -624,11 +624,25 @@ int check_exclusion_subsets(const char *event_name, goto error; } if (e == '*') { + char *string; + char **new_exclusion_list; + /* Excluder is a proper subset of event */ + string = strndup(next_excluder, excluder_length); + if (!string) { + PERROR("strndup error"); + goto error; + } + new_exclusion_list = realloc(exclusion_list, + sizeof(char **) * (exclusion_count + 1)); + if (!new_exclusion_list) { + PERROR("realloc"); + free(string); + goto error; + } + exclusion_list = new_exclusion_list; exclusion_count++; - exclusion_list = realloc(exclusion_list, sizeof(char **) * exclusion_count); - exclusion_list[exclusion_count - 1] = strndup(next_excluder, excluder_length); - + exclusion_list[exclusion_count - 1] = string; break; } if (x != e) { @@ -829,6 +843,12 @@ static int enable_events(char *session_name) case LTTNG_EVENT_TRACEPOINT: if (opt_loglevel && dom.type != LTTNG_DOMAIN_KERNEL) { char *exclusion_string = print_exclusions(exclusion_count, exclusion_list); + + if (!exclusion_string) { + PERROR("Cannot allocate exclusion_string"); + error = 1; + goto end; + } MSG("All %s tracepoints%s are enabled in channel %s for loglevel %s", get_domain_str(dom.type), exclusion_string, @@ -837,6 +857,12 @@ static int enable_events(char *session_name) free(exclusion_string); } else { char *exclusion_string = print_exclusions(exclusion_count, exclusion_list); + + if (!exclusion_string) { + PERROR("Cannot allocate exclusion_string"); + error = 1; + goto end; + } MSG("All %s tracepoints%s are enabled in channel %s", get_domain_str(dom.type), exclusion_string, @@ -854,6 +880,12 @@ static int enable_events(char *session_name) case LTTNG_EVENT_ALL: if (opt_loglevel && dom.type != LTTNG_DOMAIN_KERNEL) { char *exclusion_string = print_exclusions(exclusion_count, exclusion_list); + + if (!exclusion_string) { + PERROR("Cannot allocate exclusion_string"); + error = 1; + goto end; + } MSG("All %s events%s are enabled in channel %s for loglevel %s", get_domain_str(dom.type), exclusion_string, @@ -862,6 +894,12 @@ static int enable_events(char *session_name) free(exclusion_string); } else { char *exclusion_string = print_exclusions(exclusion_count, exclusion_list); + + if (!exclusion_string) { + PERROR("Cannot allocate exclusion_string"); + error = 1; + goto end; + } MSG("All %s events%s are enabled in channel %s", get_domain_str(dom.type), exclusion_string, @@ -1128,6 +1166,11 @@ static int enable_events(char *session_name) &ev, channel_name, NULL, exclusion_count, exclusion_list); exclusion_string = print_exclusions(exclusion_count, exclusion_list); + if (!exclusion_string) { + PERROR("Cannot allocate exclusion_string"); + error = 1; + goto end; + } if (command_ret < 0) { /* Turn ret to positive value to handle the positive error code */ switch (-command_ret) { @@ -1187,7 +1230,11 @@ static int enable_events(char *session_name) command_ret = lttng_enable_event_with_exclusions(handle, &ev, channel_name, opt_filter, exclusion_count, exclusion_list); exclusion_string = print_exclusions(exclusion_count, exclusion_list); - + if (!exclusion_string) { + PERROR("Cannot allocate exclusion_string"); + error = 1; + goto end; + } if (command_ret < 0) { switch (-command_ret) { case LTTNG_ERR_FILTER_EXIST: -- 2.34.1