lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <79df3541-5557-05fa-a81e-84728d509bfc@iogearbox.net>
Date: Fri, 3 May 2024 17:47:30 +0200
From: Daniel Borkmann <daniel@...earbox.net>
To: Kunwu Chan <chentao@...inos.cn>, ast@...nel.org, andrii@...nel.org,
 martin.lau@...ux.dev, eddyz87@...il.com, song@...nel.org,
 yonghong.song@...ux.dev, john.fastabend@...il.com, kpsingh@...nel.org,
 sdf@...gle.com, haoluo@...gle.com, jolsa@...nel.org, mykolal@...com,
 shuah@...nel.org, kunwu.chan@...mail.com
Cc: bpf@...r.kernel.org, linux-kselftest@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH bpf-next 4/4] selftests/bpf: Add a null pointer check for
 the serial_test_tp_attach_query

On 4/24/24 4:04 AM, Kunwu Chan wrote:
> There is a 'malloc' call, which can be unsuccessful.
> Add the malloc failure checking to avoid possible null
> dereference.
> 
> Signed-off-by: Kunwu Chan <chentao@...inos.cn>
> ---
>   tools/testing/selftests/bpf/prog_tests/tp_attach_query.c | 3 +++
>   1 file changed, 3 insertions(+)
> 
> diff --git a/tools/testing/selftests/bpf/prog_tests/tp_attach_query.c b/tools/testing/selftests/bpf/prog_tests/tp_attach_query.c
> index 655d69f0ff0b..302b25408a53 100644
> --- a/tools/testing/selftests/bpf/prog_tests/tp_attach_query.c
> +++ b/tools/testing/selftests/bpf/prog_tests/tp_attach_query.c
> @@ -39,6 +39,9 @@ void serial_test_tp_attach_query(void)
>   	attr.wakeup_events = 1;
>   
>   	query = malloc(sizeof(*query) + sizeof(__u32) * num_progs);
> +	if (CHECK(!query, "malloc()", "error:%s\n", strerror(errno)))

Series looks reasonable, small nit on CHECK() : Lets use ASSERT*() macros given they are
preferred over the latter :

if (!ASSERT_OK_PTR(buf, "malloc"))

> +		return;
> +
>   	for (i = 0; i < num_progs; i++) {
>   		err = bpf_prog_test_load(file, BPF_PROG_TYPE_TRACEPOINT, &obj[i],
>   				    &prog_fd[i]);
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ