[PATCH] perf/arm-cmn: Fix filter_sel lookup

Robin Murphy robin.murphy at arm.com
Tue May 10 14:23:08 PDT 2022


Carefully considering the bounds of an array is all well and good,
until you forget that that array also contains a NULL sentinel at
the end and dereference it. So close...

Reported-by: Qian Cai <quic_qiancai at quicinc.com>
Signed-off-by: Robin Murphy <robin.murphy at arm.com>
---
 drivers/perf/arm-cmn.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/drivers/perf/arm-cmn.c b/drivers/perf/arm-cmn.c
index 15586bbec2f7..282d2f874ec1 100644
--- a/drivers/perf/arm-cmn.c
+++ b/drivers/perf/arm-cmn.c
@@ -1514,7 +1514,7 @@ static enum cmn_filter_select arm_cmn_filter_sel(enum cmn_model model,
 	struct arm_cmn_event_attr *e;
 	int i;
 
-	for (i = 0; i < ARRAY_SIZE(arm_cmn_event_attrs); i++) {
+	for (i = 0; i < ARRAY_SIZE(arm_cmn_event_attrs) - 1; i++) {
 		e = container_of(arm_cmn_event_attrs[i], typeof(*e), attr.attr);
 		if (e->model & model && e->type == type && e->eventid == eventid)
 			return e->fsel;
-- 
2.35.3.dirty




More information about the linux-arm-kernel mailing list