| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <badd583d09868ffdd48a97c727680ca6f5699727.camel@gmail.com>
Date: Tue, 20 Aug 2024 18:33:11 -0700
From: Eduard Zingerman <eddyz87@...il.com>
To: Liu RuiTong <cnitlrt@...il.com>, stable@...r.kernel.org
Cc: regressions@...ts.linux.dev, bpf@...r.kernel.org,
linux-kernel@...r.kernel.org
Subject: Re: KASAN: null-ptr-deref in bpf_core_calc_relo_insn
On Tue, 2024-08-20 at 17:21 +0800, Liu RuiTong wrote:
[...]
> bpf_core_calc_relo_insn+311 <bpf_core_calc_relo_insn+311>
> ─────────────────────────────────────────────────────────────────────────────────────────────[
> SOURCE (CODE) ]──────────────────────────────────────────────────────────────────────────────────────────────
> In file: /home/ubuntu/fuzz/linux-6.11-rc4/tools/lib/bpf/relo_core.c:1300
> 1295 char spec_buf[256];
> 1296 int i, j, err;
> 1297
> 1298 local_id = relo->type_id;
> 1299 local_type = btf_type_by_id(local_btf, local_id);
> ► 1300 local_name = btf__name_by_offset(local_btf,
> local_type->name_off);
Hi Liu,
Thank you for the report, I can reproduce the issue.
Will comment later today.
> 1301 if (!local_name)
> 1302 return -EINVAL;
> 1303
> 1304 err = bpf_core_parse_spec(prog_name, local_btf, relo,
> local_spec);
> 1305 if (err) {
> ─────────────────────────────────────────────────────────────────────────────────────────────────[
> STACK ]──────────────────────────────────────────────────────────────────────────────────────────────────
> ```
Powered by blists - more mailing lists