From 6390a48a6dfb88c9692af877e1767ce6cc8030d0 Mon Sep 17 00:00:00 2001
From: David Smith <dsmith@redhat.com>
Date: Tue, 26 Jan 2010 13:40:51 -0600
Subject: Fixed PR 11223 by null terminating strings in procfs write probes.

* tapset-procfs.cxx (procfs_var_expanding_visitor::visit_target_symbol):
  Correctly null terminate strings in procfs write probes.
* testsuite/systemtap.base/procfs_write.exp: New test.
---
 tapset-procfs.cxx | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'tapset-procfs.cxx')

diff --git a/tapset-procfs.cxx b/tapset-procfs.cxx
index aa75af42..f5ab95f8 100644
--- a/tapset-procfs.cxx
+++ b/tapset-procfs.cxx
@@ -383,9 +383,10 @@ procfs_var_expanding_visitor::visit_target_symbol (target_symbol* e)
   string locvalue = "CONTEXT->data";
 
   if (! lvalue)
-    ec->code = string("_stp_copy_from_user(THIS->__retvalue, ((struct _stp_procfs_data *)(")
-      + locvalue + string("))->buffer, ((struct _stp_procfs_data *)(") + locvalue
-      + string("))->count); /* pure */");
+    ec->code = string("    struct _stp_procfs_data *data = (struct _stp_procfs_data *)(") + locvalue + string("); /* pure */\n")
+	
+      + string("    _stp_copy_from_user(THIS->__retvalue, data->buffer, data->count);\n")
+      + string("    THIS->__retvalue[data->count] = '\\0';\n");
   else
       ec->code = string("int bytes = 0;\n")
 	+ string("    struct _stp_procfs_data *data = (struct _stp_procfs_data *)(") + locvalue + string(");\n")
-- 
cgit