| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 16 Sep 2022 11:22:47 +0800
From: Xin Liu <liuxin350@...wei.com>
To: <haoluo@...gle.com>
CC: <andrii@...nel.org>, <ast@...nel.org>, <bpf@...r.kernel.org>,
<daniel@...earbox.net>, <john.fastabend@...il.com>,
<jolsa@...nel.org>, <kongweibin2@...wei.com>, <kpsingh@...nel.org>,
<linux-kernel@...r.kernel.org>, <liuxin350@...wei.com>,
<martin.lau@...ux.dev>, <sdf@...gle.com>, <song@...nel.org>,
<wuchangye@...wei.com>, <xiesongyang@...wei.com>,
<yanan@...wei.com>, <yhs@...com>, <zhudi2@...wei.com>
Subject: Re: [PATCH] libbpf: adjust OPTS_VALID logic, so that it can be used correctly
On Wed, 14 Sep 2022 at 6:15:39 PM Hao Luo <haoluo@...gle.com> wrote:
> Hi Xin,
>
> On Wed, Sep 14, 2022 at 5:35 AM Xin Liu <liuxin350@...wei.com> wrote:
> >
> > We found that function btf_dump__dump_type_data can be called by the user
> > as an api, but in this function, the `opts` parameter may be used as a
> > null pointer, because OPTS_VALID can't properly prevent opts used as null
> > pointers during verification. Therefore, we fix this problem through this
> > modification.
> >
> > This modification has no impact on other places where OPTS_VALID has been
> > used.
>
> I think this is a bug of btf_dump__dump_type_data(), not OPTS_VALID.
> It seems allowing OPTS_VALID to accept NULL is the intended behavior.
>
> >
> [...]
> >
Thank you for your review.
You are right, OPTS_GET should be used to get data from opts and determine if
opts is NULL. Here I'll use OPTS_GET to fix the bug in the v2 version.
Powered by blists - more mailing lists