perf build-id: Ensure snprintf string is empty when size is 0

AnubhavS1 · AnubhavS1 · commit e82b970c922a · 2025-10-14T12:50:57.000+01:00
JIRA: https://issues.redhat.com/browse/RHEL-78200 upstream ======== commit 0dc96ca Author: Ian Rogers <irogers@google.com> Date: Thu Sep 18 10:24:16 2025 -0700 description =========== The string result of build_id__snprintf() is unconditionally used in places like dsos__fprintf_buildid_cb(). If the build id has size 0 then this creates a use of uninitialized memory. Add null termination for the size 0 case. A similar fix was written by Jiri Olsa in commit 6311951 ("perf tools: Initialize output buffer in build_id__sprintf") but lost in the transition to snprintf. Fixes: fccaaf6 ("perf build-id: Change sprintf functions to snprintf") Signed-off-by: Ian Rogers <irogers@google.com> Cc: Adrian Hunter <adrian.hunter@intel.com> Cc: Alexander Shishkin <alexander.shishkin@linux.intel.com> Cc: Howard Chu <howardchu95@gmail.com> Cc: Ingo Molnar <mingo@redhat.com> Cc: James Clark <james.clark@linaro.org> Cc: Jiri Olsa <jolsa@kernel.org> Cc: Kan Liang <kan.liang@linux.intel.com> Cc: Mark Rutland <mark.rutland@arm.com> Cc: Namhyung Kim <namhyung@kernel.org> Cc: Peter Zijlstra <peterz@infradead.org> Signed-off-by: Arnaldo Carvalho de Melo <acme@redhat.com> Signed-off-by: Anubhav Shelat <ashelat@redhat.com>
diff --git a/tools/perf/util/build-id.c b/tools/perf/util/build-id.c
@@ -86,6 +86,13 @@ int build_id__snprintf(const struct build_id *build_id, char *bf, size_t bf_size
 {
 	size_t offs = 0;
 
+	if (build_id->size == 0) {
+		/* Ensure bf is always \0 terminated. */
+		if (bf_size > 0)
+			bf[0] = '\0';
+		return 0;
+	}
+
 	for (size_t i = 0; i < build_id->size && offs < bf_size; ++i)
 		offs += snprintf(bf + offs, bf_size - offs, "%02x", build_id->data[i]);
 
