[4/8] trace-cmd dump: Prevent buffer overrun in dump_clock()

Commit Message

Jerome Marchand Oct. 29, 2024, 8:01 a.m. UTC

The clock isn't big enough to hold the string with the null
terminating character. Worse, clock[size], which is out of range, is
set to 0. Allocate a big enough buffer.

Fixes an OVERRUN error (CWE-119)

Signed-off-by: Jerome Marchand <jmarchan@redhat.com>
---
 tracecmd/trace-dump.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

Patch

diff --git a/tracecmd/trace-dump.c b/tracecmd/trace-dump.c
index 11c1baf1..0a21356e 100644
--- a/tracecmd/trace-dump.c
+++ b/tracecmd/trace-dump.c
@@ -961,7 +961,7 @@  static void dump_clock(int fd)
 	}
 	if (read_file_number(fd, &size, 8))
 		die("cannot read clock size");
-	clock = calloc(1, size);
+	clock = calloc(1, size + 1);
 	if (!clock)
 		die("cannot allocate clock %lld bytes", size);