From: Adhemerval Zanella <adhemerval.zanella@linaro.org>
Date: Fri, 25 Apr 2025 18:27:08 +0000 (-0300)
Subject: gmon: Fix UB in sprofil
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=6deb970376e62e7c527e766a195f47b5b81c94de;p=thirdparty%2Fglibc.git

gmon: Fix UB in sprofil

UBSAN: Undefined behaviour in ../sysdeps/posix/sprofil.c:272:16 variable length array bound evaluates to non-positive value 0

Move the VLA to after the porfile stop condition (where size might
be zero).
---

diff --git a/sysdeps/posix/sprofil.c b/sysdeps/posix/sprofil.c
index 0af671d001..0a3d1a8e50 100644
--- a/sysdeps/posix/sprofil.c
+++ b/sysdeps/posix/sprofil.c
@@ -269,7 +269,6 @@ int
 __sprofil (struct prof *profp, int profcnt, struct timeval *tvp,
 	   unsigned int flags)
 {
-  struct prof *p[profcnt];
   struct itimerval timer;
   struct sigaction act;
   int i;
@@ -295,6 +294,7 @@ __sprofil (struct prof *profp, int profcnt, struct timeval *tvp,
       return 0;
     }
 
+  struct prof *p[profcnt];
   prof_info.num_regions = 0;
   prof_info.region = NULL;
   prof_info.overflow = &default_overflow_region;