From 021da909bcbf657ceccbc1bcfa34b3d5c029be80 Mon Sep 17 00:00:00 2001 From: "Steven Rostedt (Google)" Date: Fri, 14 Jun 2024 15:54:56 -0400 Subject: [PATCH 7/7] libtraceevent: Do not return a local stack pointer in get_field_str() Jerome Marchand sent a patch with the description of: The function get_field_str() can return a pointer to string on the stack. Replace it by a global variable. Fixes a RETURN_LOCAL error (CWE-562) But made hex a global variable. Having a generic name "hex" as a global variable in a library will cause a lot of issues. Just make it a static variable, and then it can be used outside the function. Link: https://lore.kernel.org/linux-trace-devel/20240607160542.46152-5-jmarchan@redhat.com/ Link: https://lore.kernel.org/linux-trace-devel/20240614155456.092944eb@rorschach.local.home Fixes: dee43d8067350 ("tools lib traceevent: Let filtering numbers by string use function names") Reported-by: "Jerome Marchand" Signed-off-by: Steven Rostedt (Google) --- src/parse-filter.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/parse-filter.c b/src/parse-filter.c index e448ee2..75b84a0 100644 --- a/src/parse-filter.c +++ b/src/parse-filter.c @@ -1704,8 +1704,8 @@ static const char *get_field_str(struct tep_filter_arg *arg, struct tep_record * struct tep_handle *tep; unsigned long long addr; const char *val = NULL; + static char hex[64]; unsigned int size; - char hex[64]; /* If the field is not a string convert it */ if (arg->str.field->flags & TEP_FIELD_IS_STRING) { -- 2.45.2