lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <0bcbff49-1d0a-4e59-83ea-f5c568f736a9@wanadoo.fr>
Date: Wed, 21 Aug 2024 15:41:38 +0200
From: Christophe JAILLET <christophe.jaillet@...adoo.fr>
To: Soma Nakata <soma.nakata01@...il.com>
Cc: Andrii Nakryiko <andrii@...nel.org>, Eduard Zingerman
 <eddyz87@...il.com>, Alexei Starovoitov <ast@...nel.org>,
 Daniel Borkmann <daniel@...earbox.net>,
 Martin KaFai Lau <martin.lau@...ux.dev>, Song Liu <song@...nel.org>,
 Yonghong Song <yonghong.song@...ux.dev>,
 John Fastabend <john.fastabend@...il.com>, KP Singh <kpsingh@...nel.org>,
 Stanislav Fomichev <sdf@...ichev.me>, Hao Luo <haoluo@...gle.com>,
 Jiri Olsa <jolsa@...nel.org>, bpf@...r.kernel.org,
 linux-kernel@...r.kernel.org
Subject: Re: [PATCH v2] libbpf: Initialize st_ops->tname with strdup()

Le 21/08/2024 à 15:30, Soma Nakata a écrit :
> On Wed, Aug 21, 2024 at 9:16 PM Christophe JAILLET
> <christophe.jaillet@...adoo.fr> wrote:
>>
>> Le 21/08/2024 à 13:23, Soma Nakata a écrit :
>>> `tname` is returned by `btf__name_by_offset()` as well as `var_name`,
>>> and these addresses point to strings in the btf. Since their locations
>>> may change while loading the bpf program, using `strdup()` ensures
>>> `tname` is safely stored.
>>>
>>> Signed-off-by: Soma Nakata <soma.nakata01@...il.com>
>>> ---
>>>    tools/lib/bpf/libbpf.c | 7 +++++--
>>>    1 file changed, 5 insertions(+), 2 deletions(-)
>>>
>>> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
>>> index a3be6f8fac09..f4ad1b993ec5 100644
>>> --- a/tools/lib/bpf/libbpf.c
>>> +++ b/tools/lib/bpf/libbpf.c
>>> @@ -496,7 +496,7 @@ struct bpf_program {
>>>    };
>>>
>>>    struct bpf_struct_ops {
>>> -     const char *tname;
>>> +     char *tname;
>>>        const struct btf_type *type;
>>>        struct bpf_program **progs;
>>>        __u32 *kern_func_off;
>>> @@ -1423,7 +1423,9 @@ static int init_struct_ops_maps(struct bpf_object *obj, const char *sec_name,
>>>                memcpy(st_ops->data,
>>>                       data->d_buf + vsi->offset,
>>>                       type->size);
>>> -             st_ops->tname = tname;
>>> +             st_ops->tname = strdup(tname);
>>> +             if (!st_ops->tname)
>>> +                     return -ENOMEM;
>>
>> Certainly a matter of taste, but I would personally move it just after
>> "st_ops->kern_func_off = malloc()" and add the NULL check with the
>> existing ones.
>>
>> BTW, there are some memory leaks if 1 or more allocations fail in this
>> function.
>> Not sure if it is an issue or not, and what should be done in this case.
> 
> You mean the line below?
> if (!st_ops->data || !st_ops->progs || !st_ops->kern_func_off)

Yes.

> seems it says the size of them are in descending order or something.
> But regardless, this looks like a memory leak.
> I will send another patch on this.
> 
> thanks,
> 
>>
>> CJ
>>
>>
>>>                st_ops->type = type;
>>>                st_ops->type_id = type_id;
>>>
>>> @@ -8984,6 +8986,7 @@ static void bpf_map__destroy(struct bpf_map *map)
>>>        map->mmaped = NULL;
>>>
>>>        if (map->st_ops) {
>>> +             zfree(&map->st_ops->tname);
>>>                zfree(&map->st_ops->data);
>>>                zfree(&map->st_ops->progs);
>>>                zfree(&map->st_ops->kern_func_off);
>>
> 
> 


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ