From cde7c781e172c1fd55f74550b66712540a677d85 Mon Sep 17 00:00:00 2001
From: Justus Winter <4winter@informatik.uni-hamburg.de>
Date: Tue, 16 Dec 2014 23:52:28 +0100
Subject: kern: gracefully handle bogus sample pc sequence number

If a sequence number larger than the sample control sequence number is
supplied, `nsamples' becomes negative.  Handle this gracefully.

* kern/pc_sample.c (get_sampled_pcs): Handle bogus sequence number.
---
 kern/pc_sample.c | 3 +++
 1 file changed, 3 insertions(+)

(limited to 'kern')

diff --git a/kern/pc_sample.c b/kern/pc_sample.c
index 81b2056..fcb9d71 100644
--- a/kern/pc_sample.c
+++ b/kern/pc_sample.c
@@ -189,6 +189,9 @@ get_sampled_pcs(
 		   (sampled_pc_array_t)cp->buffer,
 		   (seqidx2 + 1) * sizeof(sampled_pc_t));
 	}
+    } else if (nsamples < 0) {
+	/* Bogus SEQNO supplied.  */
+	nsamples = 0;
     } else {
 	/*  could either be zero because of overflow, or because
 	 *  we are being lied to.  In either case, return nothing.
-- 
cgit v1.2.3