mirrors/linux
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git synced 2025-12-28 12:37:55 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
dc3382fffdec2c1d6df5836c88fa37b39cd8651e
linux/kernel
History
Wang Liang dc3382fffd tracing: kprobe-event: Fix null-ptr-deref in trace_kprobe_create_internal() 
A crash was observed with the following output:

Oops: general protection fault, probably for non-canonical address 0xdffffc0000000000: 0000 [#1] SMP KASAN PTI
KASAN: null-ptr-deref in range [0x0000000000000000-0x0000000000000007]
CPU: 1 UID: 0 PID: 2899 Comm: syz.2.399 Not tainted 6.17.0-rc5+ #5 PREEMPT(none)
RIP: 0010:trace_kprobe_create_internal+0x3fc/0x1440 kernel/trace/trace_kprobe.c:911
Call Trace:
 <TASK>
 trace_kprobe_create_cb+0xa2/0xf0 kernel/trace/trace_kprobe.c:1089
 trace_probe_create+0xf1/0x110 kernel/trace/trace_probe.c:2246
 dyn_event_create+0x45/0x70 kernel/trace/trace_dynevent.c:128
 create_or_delete_trace_kprobe+0x5e/0xc0 kernel/trace/trace_kprobe.c:1107
 trace_parse_run_command+0x1a5/0x330 kernel/trace/trace.c:10785
 vfs_write+0x2b6/0xd00 fs/read_write.c:684
 ksys_write+0x129/0x240 fs/read_write.c:738
 do_syscall_x64 arch/x86/entry/syscall_64.c:63 [inline]
 do_syscall_64+0x5d/0x2d0 arch/x86/entry/syscall_64.c:94
 </TASK>

Function kmemdup() may return NULL in trace_kprobe_create_internal(), add
check for it's return value.

Link: https://lore.kernel.org/all/20250916075816.3181175-1-wangliang74@huawei.com/

Fixes: 33b4e38baa ("tracing: kprobe-event: Allocate string buffers from heap")
Signed-off-by: Wang Liang <wangliang74@huawei.com>
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
2025-09-18 07:36:41 +09:00
..
bpf
bpf: Reject bpf_timer for PREEMPT_RT
2025-09-10 12:34:09 -07:00
cgroup
cgroup: avoid null de-ref in css_rstat_exit()
2025-08-09 08:46:32 -10:00
configs
configs/hardening: Enable CONFIG_INIT_ON_FREE_DEFAULT_ON
2025-07-21 21:41:57 -07:00
debug
Merge tag 'tty-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/gregkh/tty
2025-04-02 18:17:33 -07:00
dma
dma-debug: don't enforce dma mapping check on noncoherent allocations
2025-09-02 10:18:16 +02:00
entry
Merge tag 'for-linus' of git://git.kernel.org/pub/scm/virt/kvm/kvm
2025-07-30 17:14:01 -07:00
events
perf: Fix the POLL_HUP delivery breakage
2025-09-03 10:10:59 +02:00
futex
futex: Move futex_hash_free() back to __mmput()
2025-08-31 11:48:19 +02:00
gcov
kbuild: require gcc-8 and binutils-2.30
2025-04-30 21:53:35 +02:00
irq
genirq/test: Resolve irq lock inversion warnings
2025-08-06 10:29:48 +02:00
kcsan
kcsan: test: Initialize dummy variable
2025-07-23 08:51:32 +02:00
livepatch
sched,livepatch: Untangle cond_resched() and live-patching
2025-05-14 13:16:24 +02:00
locking
Merge tag 'locking_urgent_for_v6.17_rc2' of git://git.kernel.org/pub/scm/linux/kernel/git/tip/tip
2025-08-17 05:57:47 -07:00
module
Merge tag 'mm-stable-2025-08-03-12-35' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-08-05 16:02:07 +03:00
power
Merge branches 'pm-sleep' and 'pm-em'
2025-09-11 14:22:35 +02:00
printk
Merge tag 'printk-for-6.17' of git://git.kernel.org/pub/scm/linux/kernel/git/printk/linux
2025-08-04 10:54:36 -07:00
rcu
rcu: Fix racy re-initialization of irq_work causing hangs
2025-08-11 08:43:49 +05:30
sched
sched: Fix sched_numa_find_nth_cpu() if mask offline
2025-09-03 12:20:06 -04:00
time
hrtimers: Unconditionally update target CPU base after offline timer migration
2025-09-09 14:05:16 +02:00
trace
tracing: kprobe-event: Fix null-ptr-deref in trace_kprobe_create_internal()
2025-09-18 07:36:41 +09:00
unwind
unwind: Finish up unwind when a task exits
2025-07-31 10:20:11 -04:00
.gitignore
kheaders: rebuild kheaders_data.tar.xz when a file is modified within a minute
2025-06-24 20:30:37 +09:00
acct.c
acct: block access to kernel internal filesystems
2025-02-12 12:24:16 +01:00
async.c
audit_fsnotify.c
audit_tree.c
replace collect_mounts()/drop_collected_mounts() with a safer variant
2025-06-23 14:01:49 -04:00
audit_watch.c
fs: add kern_path_locked_negative()
2025-04-15 11:32:34 +02:00
audit.c
audit: record AUDIT_ANOM_* events regardless of presence of rules
2025-04-11 14:14:41 -04:00
audit.h
audit,module: restore audit logging in load failure case
2025-06-16 17:00:06 -04:00
auditfilter.c
audit: fix out-of-bounds read in audit_compare_dname_path()
2025-09-03 16:46:23 -04:00
auditsc.c
audit,module: restore audit logging in load failure case
2025-06-16 17:00:06 -04:00
backtracetest.c
backtracetest: add MODULE_DESCRIPTION()
2024-06-24 22:24:55 -07:00
bounds.c
bounds: Use the right number of bits for power-of-two CONFIG_NR_CPUS
2024-04-29 08:29:29 -07:00
capability.c
capability: Remove unused has_capability
2025-03-07 22:03:09 -06:00
cfi.c
cfi: Move BPF CFI types and helpers to generic code
2025-07-31 18:23:53 -07:00
compat.c
configs.c
context_tracking.c
context_tracking: Make RCU watch ct_kernel_exit_state() warning
2025-03-04 18:44:29 -08:00
cpu_pm.c
cpu.c
cpu: Remove obsolete comment from takedown_cpu()
2025-08-06 22:48:12 +02:00
crash_core.c
kdump: wait for DMA to finish when using CMA
2025-07-19 19:08:23 -07:00
crash_dump_dm_crypt.c
crash_dump: retrieve dm crypt keys in kdump kernel
2025-05-21 10:48:21 -07:00
crash_reserve.c
kdump: implement reserve_crashkernel_cma
2025-07-19 19:08:23 -07:00
cred.c
cred: remove old {override,revert}_creds() helpers
2024-12-02 11:25:09 +01:00
delayacct.c
delayacct: remove redundant code and adjust indentation
2025-05-27 19:40:33 -07:00
dma.c
elfcorehdr.c
exec_domain.c
exit.c
Merge tag 'mm-nonmm-stable-2025-08-03-12-47' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-08-03 16:23:09 -07:00
exit.h
extable.c
fail_function.c
fork.c
futex: Move futex_hash_free() back to __mmput()
2025-08-31 11:48:19 +02:00
freezer.c
sched,freezer: Remove unnecessary warning in __thaw_task
2025-07-17 07:56:50 -10:00
gen_kheaders.sh
kheaders: make it possible to override TAR
2025-08-06 10:23:36 +09:00
groups.c
hung_task.c
hung_task: extend hung task blocker tracking to rwsems
2025-07-19 19:08:26 -07:00
iomem.c
mm/memremap: Pass down MEMREMAP_* flags to arch_memremap_wb()
2025-02-21 15:05:38 +01:00
irq_work.c
kasan: make kasan_record_aux_stack_noalloc() the default behaviour
2025-01-13 22:40:36 -08:00
jump_label.c
jump_label: Use RCU in all users of __module_text_address().
2025-03-10 11:54:46 +01:00
kallsyms_internal.h
kallsyms: get rid of code for absolute kallsyms
2024-07-20 16:33:21 +09:00
kallsyms_selftest.c
kallsyms: Use kthread_run_on_cpu()
2025-01-02 22:12:12 +01:00
kallsyms_selftest.h
kallsyms.c
bpf: Clean up individual BTF_ID code
2025-07-16 18:34:42 -07:00
kcmp.c
kcmp: improve performance adding an unlikely hint to task comparisons
2025-02-21 10:25:33 +01:00
Kconfig.freezer
Kconfig.hz
kernel: Fix "select" wording on HZ_250 description
2025-02-21 09:20:30 +01:00
Kconfig.kexec
kho: mm: don't allow deferred struct page with KHO
2025-08-19 16:35:53 -07:00
Kconfig.locks
Kconfig.preempt
sched: No PREEMPT_RT=y for all{yes,mod}config
2024-11-07 15:25:05 +01:00
kcov.c
kcov: fix typo in comment of kcov_fault_in_area
2025-07-09 22:57:52 -07:00
kexec_core.c
Merge tag 'mm-nonmm-stable-2025-08-03-12-47' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-08-03 16:23:09 -07:00
kexec_elf.c
kexec: initialize ELF lowest address to ULONG_MAX
2025-03-16 22:30:47 -07:00
kexec_file.c
Merge tag 'mm-nonmm-stable-2025-08-03-12-47' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-08-03 16:23:09 -07:00
kexec_handover.c
kho: warn if KHO is disabled due to an error
2025-08-19 16:35:53 -07:00
kexec_internal.h
kexec: enable CMA based contiguous allocation
2025-08-02 12:01:38 -07:00
kexec.c
kexec: enable CMA based contiguous allocation
2025-08-02 12:01:38 -07:00
kheaders.c
kheaders: Simplify attribute through __BIN_ATTR_SIMPLE_RO()
2024-12-24 09:46:49 +01:00
kprobes.c
kprobes: Add missing kerneldoc for __get_insn_slot
2025-07-15 18:45:34 +09:00
kstack_erase.c
stackleak: Rename stackleak_track_stack to __sanitizer_cov_stack_depth
2025-07-21 21:40:39 -07:00
ksyms_common.c
ksysfs.c
kernel/ksysfs.c: simplify bin_attribute definition
2025-01-07 16:59:15 +01:00
kthread.c
ipvs: Fix estimator kthreads preferred affinity
2025-08-13 08:34:33 +02:00
latencytop.c
treewide: const qualify ctl_tables where applicable
2025-01-28 13:48:37 +01:00
Makefile
Merge tag 'kbuild-v6.17-2' of git://git.kernel.org/pub/scm/linux/kernel/git/masahiroy/linux-kbuild
2025-08-06 07:32:52 +03:00
module_signature.c
notifier.c
reboot: move reboot_notifier_list to kernel/reboot.c
2024-11-05 17:12:31 -08:00
nsproxy.c
kernel/nsproxy: remove unnecessary guards
2025-05-09 13:13:54 +02:00
padata.c
padata: use cpumask_nth()
2025-06-13 17:26:17 +08:00
panic.c
Merge tag 'mm-nonmm-stable-2025-08-03-12-47' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-08-03 16:23:09 -07:00
params.c
params: Replace deprecated strcpy() with strscpy() and memcpy()
2025-08-16 21:47:25 +02:00
pid_namespace.c
pid: Do not set pid_max in new pid namespaces
2025-03-06 10:18:36 +01:00
pid_sysctl.h
treewide: const qualify ctl_tables where applicable
2025-01-28 13:48:37 +01:00
pid.c
Merge tag 'sysctl-6.17-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/sysctl/sysctl
2025-07-29 21:43:08 -07:00
profile.c
profiling: remove profile=sleep support
2024-08-04 13:36:28 -07:00
ptrace.c
ptrace: introduce PTRACE_SET_SYSCALL_INFO request
2025-05-11 17:48:15 -07:00
range.c
reboot.c
Merge tag 'mm-nonmm-stable-2025-03-30-18-23' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-04-01 10:06:52 -07:00
regset.c
regset: use kvzalloc() for regset_get_alloc()
2024-04-25 21:07:03 -07:00
relay.c
relayfs: support a counter tracking if data is too big to write
2025-07-09 22:57:52 -07:00
resource_kunit.c
resource, kunit: fix user-after-free in resource_test_region_intersects()
2024-10-09 12:47:19 -07:00
resource.c
resource: fix false warning in __request_region()
2025-07-24 17:57:59 -07:00
rseq.c
rseq: Fix segfault on registration when rseq_cs is non-zero
2025-03-06 22:26:49 +01:00
scftorture.c
scftorture: Handle NULL argument passed to scf_add_to_free_list().
2024-11-14 16:09:51 -08:00
scs.c
seccomp.c
seccomp: avoid the lock trip seccomp_filter_release in common case
2025-02-24 11:17:10 -08:00
signal.c
signal: Fix memory leak for PIDFD_SELF* sentinels
2025-08-19 13:51:28 +02:00
smp.c
smp: Fix spelling in on_each_cpu_cond_mask()'s doc-comment
2025-08-02 14:24:50 +02:00
smpboot.c
sched/smp: Use the SMP version of idle_thread_set_boot_cpu()
2025-06-13 08:47:20 +02:00
smpboot.h
softirq.c
lockdep: Fix wait context check on softirq for PREEMPT_RT
2025-03-25 10:46:44 +01:00
stacktrace.c
static_call_inline.c
Merge tag 'modules-6.15-rc1' of git://git.kernel.org/pub/scm/linux/kernel/git/modules/linux
2025-03-30 15:44:36 -07:00
static_call.c
stop_machine.c
sched/core: Fix migrate_swap() vs. hotplug
2025-07-01 15:02:03 +02:00
sys_ni.c
Merge tag 'probes-v6.11' of git://git.kernel.org/pub/scm/linux/kernel/git/trace/linux-trace
2024-07-18 12:19:20 -07:00
sys.c
Merge tag 'mm-stable-2025-07-30-15-25' of git://git.kernel.org/pub/scm/linux/kernel/git/akpm/mm
2025-07-31 14:57:54 -07:00
sysctl-test.c
sysctl: move u8 register test to lib/test_sysctl.c
2025-04-14 14:13:41 +02:00
sysctl.c
sysctl: rename kern_table -> sysctl_subsys_table
2025-07-23 11:56:02 +02:00
task_work.c
kasan: make kasan_record_aux_stack_noalloc() the default behaviour
2025-01-13 22:40:36 -08:00
taskstats.c
fdget(), more trivial conversions
2024-11-03 01:28:06 -05:00
torture.c
torture: Add get_torture_init_jiffies() for test-start time
2025-02-05 07:14:24 -08:00
tracepoint.c
tracepoint: Print the function symbol when tracepoint_debug is set
2025-03-21 15:30:10 -04:00
tsacct.c
tsacct: replace strncpy() with strscpy()
2024-07-12 16:39:53 -07:00
ucount.c
ucount: use atomic_long_try_cmpxchg() in atomic_long_inc_below()
2025-08-02 12:01:38 -07:00
uid16.c
uid16.h
umh.c
treewide: const qualify ctl_tables where applicable
2025-01-28 13:48:37 +01:00
up.c
user_namespace.c
uidgid: add map_id_range_up()
2025-02-12 12:12:27 +01:00
user-return-notifier.c
user.c
uidgid: make sure we fit into one cacheline
2024-09-12 12:16:09 +02:00
utsname_sysctl.c
treewide: const qualify ctl_tables where applicable
2025-01-28 13:48:37 +01:00
utsname.c
vhost_task.c
vhost: Use ERR_CAST inlined function instead of ERR_PTR(PTR_ERR(...))
2025-08-01 09:11:08 -04:00
vmcore_info.c
crash: export PAGE_UNACCEPTED_MAPCOUNT_VALUE to vmcoreinfo
2025-05-11 17:54:04 -07:00
watch_queue.c
Merge tag 'vfs-6.15-rc1.pipe' of git://git.kernel.org/pub/scm/linux/kernel/git/vfs/vfs
2025-03-24 09:52:37 -07:00
watchdog_buddy.c
watchdog: fix opencoded cpumask_next_wrap() in watchdog_next_cpu()
2025-07-31 11:28:03 -04:00
watchdog_perf.c
watchdog/perf: Provide function for adjusting the event period
2025-07-04 13:17:30 +01:00
watchdog.c
kernel/watchdog: add /sys/kernel/{hard,soft}lockup_count
2025-05-21 10:48:22 -07:00
workqueue_internal.h
workqueue.c
Merge tag 'wq-for-6.17' of git://git.kernel.org/pub/scm/linux/kernel/git/tj/wq
2025-07-31 15:40:22 -07:00