projects / lttng-modules.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
Fix: notification capture: handle userspace strings
[lttng-modules.git] / src / lttng-abi.c
diff --git a/src/lttng-abi.c b/src/lttng-abi.c
index c0ab0a488d7cade60defda6404badfc2e7061059..59fea6266a840fd53e568c6526f12a60ccb72333 100644 (file)
--- a/src/lttng-abi.c
+++ b/src/lttng-abi.c
@@ -650,6 +650,8 @@ long lttng_counter_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
                if (validate_zeroed_padding(local_counter_read.padding,
                                sizeof(local_counter_read.padding)))
                        return -EINVAL;
+               if (local_counter_read.index.number_dimensions > LTTNG_KERNEL_ABI_COUNTER_DIMENSION_MAX)
+                       return -EINVAL;
 
                /* Cast all indexes into size_t. */
                for (i = 0; i < local_counter_read.index.number_dimensions; i++)
@@ -685,6 +687,8 @@ long lttng_counter_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
                if (validate_zeroed_padding(local_counter_aggregate.padding,
                                sizeof(local_counter_aggregate.padding)))
                        return -EINVAL;
+               if (local_counter_aggregate.index.number_dimensions > LTTNG_KERNEL_ABI_COUNTER_DIMENSION_MAX)
+                       return -EINVAL;
 
                /* Cast all indexes into size_t. */
                for (i = 0; i < local_counter_aggregate.index.number_dimensions; i++)
@@ -716,6 +720,8 @@ long lttng_counter_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
                if (validate_zeroed_padding(local_counter_clear.padding,
                                sizeof(local_counter_clear.padding)))
                        return -EINVAL;
+               if (local_counter_clear.index.number_dimensions > LTTNG_KERNEL_ABI_COUNTER_DIMENSION_MAX)
+                       return -EINVAL;
 
                /* Cast all indexes into size_t. */
                for (i = 0; i < local_counter_clear.index.number_dimensions; i++)
@@ -724,7 +730,6 @@ long lttng_counter_ioctl(struct file *file, unsigned int cmd, unsigned long arg)
                return lttng_kernel_counter_clear(counter, indexes);
        }
        default:
-               WARN_ON_ONCE(1);
                return -ENOSYS;
        }
 }
@@ -1011,7 +1016,7 @@ ssize_t lttng_event_notifier_group_notif_read(struct file *filp, char __user *us
 
        /* Finish copy of previous record */
        if (*ppos != 0) {
-               if (read_count < count) {
+               if (count != 0) {
                        len = chan->iter.len_left;
                        read_offset = *ppos;
                        goto skip_get_next;
@@ -1091,7 +1096,8 @@ nodata:
        chan->iter.len_left = 0;
 
 put_record:
-       lib_ring_buffer_put_current_record(buf);
+       if (*ppos == 0)
+               lib_ring_buffer_put_current_record(buf);
        return read_count;
 }
 
LTTng 2.0/0.x modules
This page took 0.023572 seconds and 4 git commands to generate.