| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAOpe7SdG_Y0M5dJJ-C3NJ6-bfjHAshz+Ok-MzcBiGuaiYyTeRw@mail.gmail.com>
Date: Wed, 21 Aug 2024 22:30:35 +0900
From: Soma Nakata <soma.nakata01@...il.com>
To: Christophe JAILLET <christophe.jaillet@...adoo.fr>
Cc: Andrii Nakryiko <andrii@...nel.org>, Eduard Zingerman <eddyz87@...il.com>,
Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>,
Martin KaFai Lau <martin.lau@...ux.dev>, Song Liu <song@...nel.org>,
Yonghong Song <yonghong.song@...ux.dev>, John Fastabend <john.fastabend@...il.com>,
KP Singh <kpsingh@...nel.org>, Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>,
Jiri Olsa <jolsa@...nel.org>, bpf@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] libbpf: Initialize st_ops->tname with strdup()
On Wed, Aug 21, 2024 at 9:16 PM Christophe JAILLET
<christophe.jaillet@...adoo.fr> wrote:
>
> Le 21/08/2024 à 13:23, Soma Nakata a écrit :
> > `tname` is returned by `btf__name_by_offset()` as well as `var_name`,
> > and these addresses point to strings in the btf. Since their locations
> > may change while loading the bpf program, using `strdup()` ensures
> > `tname` is safely stored.
> >
> > Signed-off-by: Soma Nakata <soma.nakata01@...il.com>
> > ---
> > tools/lib/bpf/libbpf.c | 7 +++++--
> > 1 file changed, 5 insertions(+), 2 deletions(-)
> >
> > diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> > index a3be6f8fac09..f4ad1b993ec5 100644
> > --- a/tools/lib/bpf/libbpf.c
> > +++ b/tools/lib/bpf/libbpf.c
> > @@ -496,7 +496,7 @@ struct bpf_program {
> > };
> >
> > struct bpf_struct_ops {
> > - const char *tname;
> > + char *tname;
> > const struct btf_type *type;
> > struct bpf_program **progs;
> > __u32 *kern_func_off;
> > @@ -1423,7 +1423,9 @@ static int init_struct_ops_maps(struct bpf_object *obj, const char *sec_name,
> > memcpy(st_ops->data,
> > data->d_buf + vsi->offset,
> > type->size);
> > - st_ops->tname = tname;
> > + st_ops->tname = strdup(tname);
> > + if (!st_ops->tname)
> > + return -ENOMEM;
>
> Certainly a matter of taste, but I would personally move it just after
> "st_ops->kern_func_off = malloc()" and add the NULL check with the
> existing ones.
>
> BTW, there are some memory leaks if 1 or more allocations fail in this
> function.
> Not sure if it is an issue or not, and what should be done in this case.
You mean the line below?
if (!st_ops->data || !st_ops->progs || !st_ops->kern_func_off)
seems it says the size of them are in descending order or something.
But regardless, this looks like a memory leak.
I will send another patch on this.
thanks,
>
> CJ
>
>
> > st_ops->type = type;
> > st_ops->type_id = type_id;
> >
> > @@ -8984,6 +8986,7 @@ static void bpf_map__destroy(struct bpf_map *map)
> > map->mmaped = NULL;
> >
> > if (map->st_ops) {
> > + zfree(&map->st_ops->tname);
> > zfree(&map->st_ops->data);
> > zfree(&map->st_ops->progs);
> > zfree(&map->st_ops->kern_func_off);
>
Powered by blists - more mailing lists