From c17c17e8c26a5d44b3a8a6ef8c55233d72eed6c0 Mon Sep 17 00:00:00 2001 From: Arnaldo Carvalho de Melo Date: Mon, 1 Aug 2016 18:49:13 -0300 Subject: [PATCH] perf annotate: Plug filename string leak If dso__build_id_filename(..., NULL, ...) returns !NULL its because it allocated it, so, when reaching the 'if (dso__is_kcore()) test, we already checked that and were just "fallbacking" to using dso->long_name, but without freeing filename, thus leaking it. Fix it by adding the dso__is_kcore() test to the 'or' group just after it, the one containing the full fallback code, including freeing the filename. Cc: Adrian Hunter Cc: David Ahern Cc: Jiri Olsa Cc: Namhyung Kim Cc: Wang Nan Fixes: ee205503f233 ("perf tools: Fix annotation with kcore") Link: http://lkml.kernel.org/n/tip-qi4rpjq8yo6myvg99kkgt0xz@git.kernel.org Signed-off-by: Arnaldo Carvalho de Melo --- tools/perf/util/annotate.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-)
diff --git a/tools/perf/util/annotate.c b/tools/perf/util/annotate.c
index 4982ed487e96..4024d309bb00 100644
--- a/tools/perf/util/annotate.c
+++ b/tools/perf/util/annotate.c
@@ -1185,9 +1185,8 @@ int symbol__disassemble(struct symbol *sym, struct map *map, size_t privsize)
 if (dso->has_build_id)
 return ENOMEM;
 goto fallback;
- } else if (dso__is_kcore(dso)) {
- goto fallback;
- } else if (readlink(symfs_filename, command, sizeof(command)) < 0 ||
+ } else if (dso__is_kcore(dso) ||
+ readlink(symfs_filename, command, sizeof(command)) < 0 ||
 strstr(command, DSO__NAME_KALLSYMS) ||
 access(symfs_filename, R_OK)) {
 free(filename);
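Review bot: `strstr(command, DSO__NAME_KALLSYMS)` in the merged condition reads `command` as a C string, but `readlink()` does not NUL-terminate what it writes, and its length is thrown away after the `< 0` test. Unless `command` is zeroed before this point (its declaration is outside the hunk), a link target that fills the buffer lets strstr() read past the end of `command`, and a shorter one leaves it scanning stale bytes. I would keep the length and terminate before the search: `len = readlink(symfs_filename, command, sizeof(command) - 1);` followed by `command[len] = '\0';` once `len >= 0`, which means taking the readlink call out of the `||` chain. symbol__disassemble() starts and ends outside this hunk.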