From: Mark Wielaard <mark@klomp.org>
Date: Sat, 19 Mar 2022 00:06:40 +0000 (+0100)
Subject: bpf attr->raw_tracepoint.name may be NULL for BPF_RAW_TRACEPOINT_OPEN.
X-Git-Tag: VALGRIND_3_19_0~26
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=957339db27f7d1603a7217a0f891d91d204d64aa;p=thirdparty%2Fvalgrind.git

bpf attr->raw_tracepoint.name may be NULL for BPF_RAW_TRACEPOINT_OPEN.

For BPF_RAW_TRACEPOINT_OPEN attr->raw_tracepoint.name may be NULL.
Otherwise it should point to a valid (max 128 char) string. Only
raw_tracepoint.prog_fd needs to be set.

https://bugs.kde.org/show_bug.cgi?id=451626
---

diff --git a/NEWS b/NEWS
index 8ed4898aab..404467180e 100644
--- a/NEWS
+++ b/NEWS
@@ -71,6 +71,7 @@ are not entered into bugzilla tend to get forgotten about or ignored.
 450025  Powerc: ACC file not implemented as a logical overlay of the VSR
         registers.
 450536  Powerpc: valgrind throws 'facility scv unavailable exception'
+451626  Syscall param bpf(attr->raw_tracepoint.name) points to unaddressable byte(s)
 
 To see details of a given bug, visit
   https://bugs.kde.org/show_bug.cgi?id=XXXXXX
diff --git a/coregrind/m_syswrap/syswrap-linux.c b/coregrind/m_syswrap/syswrap-linux.c
index b9d531de38..38edccc983 100644
--- a/coregrind/m_syswrap/syswrap-linux.c
+++ b/coregrind/m_syswrap/syswrap-linux.c
@@ -12920,8 +12920,9 @@ PRE(sys_bpf)
                break;
             }
             /* Name is limited to 128 characters in kernel/bpf/syscall.c. */
-            pre_asciiz_str(tid, attr->raw_tracepoint.name, 128,
-                           "bpf(attr->raw_tracepoint.name)");
+            if (attr->raw_tracepoint.name != NULL)
+               pre_asciiz_str(tid, attr->raw_tracepoint.name, 128,
+                              "bpf(attr->raw_tracepoint.name)");
          }
          break;
       case VKI_BPF_BTF_LOAD: