Properly terminate symbol inline location data.

Previously there was no end value on which iteration would stop in case of
the last-in-the-process-space symbol, which resulted in out-of-bounds read.

Workaround has been added for versions < 0.7.2, but no version bump has been
performed (still at 0.7.1). Having two terminator values at the end of the
list is harmless.
This commit is contained in:
Bartosz Taudul 2020-08-20 18:50:20 +02:00
parent 944625b94b
commit 0f13a02062

View File

@ -256,6 +256,7 @@ Worker::Worker( const char* addr, int port )
m_data.localThreadCompress.InitZero(); m_data.localThreadCompress.InitZero();
m_data.callstackPayload.push_back( nullptr ); m_data.callstackPayload.push_back( nullptr );
m_data.zoneExtra.push_back( ZoneExtra {} ); m_data.zoneExtra.push_back( ZoneExtra {} );
m_data.symbolLocInline.push_back( std::numeric_limits<uint64_t>::max() );
memset( (char*)m_gpuCtxMap, 0, sizeof( m_gpuCtxMap ) ); memset( (char*)m_gpuCtxMap, 0, sizeof( m_gpuCtxMap ) );
@ -287,6 +288,7 @@ Worker::Worker( const std::string& program, const std::vector<ImportEventTimelin
m_data.localThreadCompress.InitZero(); m_data.localThreadCompress.InitZero();
m_data.callstackPayload.push_back( nullptr ); m_data.callstackPayload.push_back( nullptr );
m_data.zoneExtra.push_back( ZoneExtra {} ); m_data.zoneExtra.push_back( ZoneExtra {} );
m_data.symbolLocInline.push_back( std::numeric_limits<uint64_t>::max() );
m_data.lastTime = 0; m_data.lastTime = 0;
if( !timeline.empty() ) if( !timeline.empty() )
@ -1381,7 +1383,14 @@ Worker::Worker( FileRead& f, EventType::Type eventMask, bool bgTasks )
f.Read( sz ); f.Read( sz );
m_data.symbolLoc.reserve_exact( sz, m_slab ); m_data.symbolLoc.reserve_exact( sz, m_slab );
f.Read( sz ); f.Read( sz );
if( fileVer < FileVersion( 0, 7, 2 ) )
{
m_data.symbolLocInline.reserve_exact( sz + 1, m_slab );
}
else
{
m_data.symbolLocInline.reserve_exact( sz, m_slab ); m_data.symbolLocInline.reserve_exact( sz, m_slab );
}
f.Read( sz ); f.Read( sz );
m_data.symbolMap.reserve( sz ); m_data.symbolMap.reserve( sz );
int symIdx = 0; int symIdx = 0;
@ -1404,6 +1413,10 @@ Worker::Worker( FileRead& f, EventType::Type eventMask, bool bgTasks )
m_data.symbolLoc[symIdx++] = SymbolLocation { symAddr, size.Val() }; m_data.symbolLoc[symIdx++] = SymbolLocation { symAddr, size.Val() };
} }
} }
if( fileVer < FileVersion( 0, 7, 2 ) )
{
m_data.symbolLocInline[symInlineIdx] = std::numeric_limits<uint64_t>::max();
}
} }
else else
{ {
@ -1427,6 +1440,7 @@ Worker::Worker( FileRead& f, EventType::Type eventMask, bool bgTasks )
m_data.symbolLoc.push_back( SymbolLocation { symAddr, size.Val() } ); m_data.symbolLoc.push_back( SymbolLocation { symAddr, size.Val() } );
} }
} }
m_data.symbolLocInline.push_back( std::numeric_limits<uint64_t>::max() );
} }
#ifdef NO_PARALLEL_SORT #ifdef NO_PARALLEL_SORT
pdqsort_branchless( m_data.symbolLoc.begin(), m_data.symbolLoc.end(), [] ( const auto& l, const auto& r ) { return l.addr < r.addr; } ); pdqsort_branchless( m_data.symbolLoc.begin(), m_data.symbolLoc.end(), [] ( const auto& l, const auto& r ) { return l.addr < r.addr; } );