Vince Weaver reported a warning when he added perf event filters
into his fuzzer tests. There's a missing check of balanced
operations when parenthesis are used, and this triggers a WARN_ON()
and when reading the failure, the filter reports no failure occurred.

The operands were not being checked if they match, this adds that.

Merge tag 'trace-fix-filter-4.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace

Pull tracing filter fix from Steven Rostedt:
 "Vince Weaver reported a warning when he added perf event filters into
  his fuzzer tests.  There's a missing check of balanced operations when
  parenthesis are used, and this triggers a WARN_ON() and when reading
  the failure, the filter reports no failure occurred.

  The operands were not being checked if they match, this adds that"

* tag 'trace-fix-filter-4.1-rc8' of git://git.kernel.org/pub/scm/linux/kernel/git/rostedt/linux-trace:
  tracing: Have filter check for balanced ops
Linus Torvalds 2015-06-17 20:56:57 -10:00
commit 17fda38f15


@ -1369,19 +1369,26 @@ static int check_preds(struct filter_parse_state *ps)
{
int n_normal_preds = 0, n_logical_preds = 0;
struct postfix_elt *elt;
int cnt = 0;
list_for_each_entry(elt, &ps->postfix, list) {
if (elt->op == OP_NONE)
if (elt->op == OP_NONE) {
cnt++;
continue;
}
if (elt->op == OP_AND || elt->op == OP_OR) {
n_logical_preds++;
cnt--;
continue;
}
if (elt->op != OP_NOT)
cnt--;
n_normal_preds++;
WARN_ON_ONCE(cnt < 0);
}
if (!n_normal_preds || n_logical_preds >= n_normal_preds) {
if (cnt != 1 || !n_normal_preds || n_logical_preds >= n_normal_preds) {
parse_error(ps, FILT_ERR_INVALID_FILTER, 0);
return -EINVAL;
}
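
Review bot: The WARN_ON_ONCE(cnt < 0) inside the list_for_each_entry loop turns an unbalanced filter into a kernel warning rather than a parse error. cnt is driven entirely by the postfix elements, so a postfix list in which operators arrive before enough operands takes it below zero inside the loop, before the cnt != 1 test after the loop can reject the filter, and the commit message says these filters are being fed in by a fuzzer. Consider dropping the warning and breaking out of the loop when cnt < 0, so the existing parse_error(ps, FILT_ERR_INVALID_FILTER, 0) path reports it with -EINVAL. A short comment on what cnt tracks (plus one per OP_NONE element, net minus one per binary op, unchanged for OP_NOT, exactly 1 for a balanced expression) would also help the next reader.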