Message-ID: <CAO9qdTH5SgSy_Mn6VMUNnkKa-Dr9x2bpgG6q=_3K8jJJT1p6sQ@mail.gmail.com>
Date: Fri, 30 Aug 2024 20:41:03 +0900
From: Jeongjun Park <aha310510@...il.com>
To: Eduard Zingerman <eddyz87@...il.com>
Cc: alexei.starovoitov@...il.com, andrii@...nel.org, ast@...nel.org, 
	bpf@...r.kernel.org, daniel@...earbox.net, haoluo@...gle.com, 
	john.fastabend@...il.com, jolsa@...nel.org, kpsingh@...nel.org, 
	linux-kernel@...r.kernel.org, martin.lau@...ux.dev, sdf@...ichev.me, 
	song@...nel.org, yonghong.song@...ux.dev
Subject: Re: [PATCH bpf] bpf: add check for invalid name in btf_name_valid_section()

Eduard Zingerman wrote:
>
> On Fri, 2024-08-30 at 11:03 +0900, Jeongjun Park wrote:
>
> [...]
>
> > > diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
> > > index edad152cee8e..d583d76fcace 100644
> > > --- a/kernel/bpf/btf.c
> > > +++ b/kernel/bpf/btf.c
> > > @@ -820,7 +820,6 @@ static bool btf_name_valid_section(const struct btf *btf, u32 offset)
> > >
> > >        /* set a limit on identifier length */
> > >        src_limit = src + KSYM_NAME_LEN;
> > > -       src++;
> > >        while (*src && src < src_limit) {
> > >                if (!isprint(*src))
> > >                        return false;
> >
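Review bot: With `src++` removed and nothing added in its place, an empty name never enters `while (*src && src < src_limit)`, so none of the lines shown rejects it: the `isprint()` test only ever runs on non-NUL bytes. Add an explicit check before the length limit is set, for example `if (!*src) return false;`, so that a zero-length section name fails validation.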
> > However, this patch is logically flawed.
> > It will return true for invalid names with
> > length 1 and src[0] being NULL. So I think
> > it's better to stick with the original patch.
>
> Fair enough, however the isprint check should be done for the first character.
> So the full fix is a combination :)

So does that mean it's appropriate to add if(!isprint(*src)) instead
of if(!*src)?
As far as I know, the first character of the name doesn't need an
isprint() check, so if that's true, it would be appropriate to use
isprint. Once this is confirmed, I'll send you a v2 patch that adds a
selftest.

Regards,
Jeongjun Park

>
> --- a/kernel/bpf/btf.c
> +++ b/kernel/bpf/btf.c
> @@ -818,9 +818,11 @@ static bool btf_name_valid_section(const struct btf *btf, u32 offset)
>         const char *src = btf_str_by_offset(btf, offset);
>         const char *src_limit;
>
> +       if (!*src)
> +               return false;
> +
>         /* set a limit on identifier length */
>         src_limit = src + KSYM_NAME_LEN;
> -       src++;
>         while (*src && src < src_limit) {
>                 if (!isprint(*src))
>                         return false;
>
>
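Review bot: The added `if (!*src)` test and the dropped `src++` change two behaviours at once, and neither is documented in the hunk: empty names are now rejected, and the first byte now goes through the `isprint()` check in the loop. A short comment above the new check, plus a commit message that names both cases, would keep a later cleanup from removing one of them without noticing the other.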
> And corresponding test cases (tools/testing/selftests/bpf/prog_tests/btf.c):
>
> {
>         .descr = "datasec: name with non-printable first char not is ok",
>         .raw_types = {
>                 /* int */
>                 BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
>                 /* VAR x */                                     /* [2] */
>                 BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
>                 BTF_VAR_STATIC,
>                 /* DATASEC ?.data */                            /* [3] */
>                 BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
>                 BTF_VAR_SECINFO_ENC(2, 0, 4),
>                 BTF_END_RAW,
>         },
>         BTF_STR_SEC("\0x\0\7foo"),
>         .err_str = "Invalid name",
>         .btf_load_err = true,
> },{
>         .descr = "datasec: name '\\0' is not ok",
>         .raw_types = {
>                 /* int */
>                 BTF_TYPE_INT_ENC(0, BTF_INT_SIGNED, 0, 32, 4),  /* [1] */
>                 /* VAR x */                                     /* [2] */
>                 BTF_TYPE_ENC(1, BTF_INFO_ENC(BTF_KIND_VAR, 0, 0), 1),
>                 BTF_VAR_STATIC,
>                 /* DATASEC \0 */                                /* [3] */
>                 BTF_TYPE_ENC(3, BTF_INFO_ENC(BTF_KIND_DATASEC, 0, 1), 4),
>                 BTF_VAR_SECINFO_ENC(2, 0, 4),
>                 BTF_END_RAW,
>         },
>         BTF_STR_SEC("\0x\0"),
>         .err_str = "Invalid name",
>         .btf_load_err = true,
> },
>
> Could you please resend your patch as a patch-set fix + selftests update?
>
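The edge cases debated in this thread, as an added example that is not part of the original message or of the kernel source: a userspace C model of the two variants of the check, run over constructed names. `NAME_LIMIT`, the function names and the end of the scan (advancing one byte per iteration and returning whether the terminator was reached) are assumptions, since the quoted hunks stop before that point.

```c
#include <ctype.h>
#include <stdbool.h>
#include <stdio.h>
#include <string.h>

#define NAME_LIMIT 512 /* assumption: stands in for the kernel's KSYM_NAME_LEN */

/* Index form of the thread's `while (*src && src < src_limit)` loop.
 * Assumption: the scan advances one byte at a time and accepts only if
 * it stopped on the NUL terminator (that part is not in the quoted hunks). */
static bool scan_printable(const char *src)
{
	size_t i;

	for (i = 0; src[i] && i < NAME_LIMIT; i++)
		if (!isprint((unsigned char)src[i]))
			return false;
	return !src[i];
}

/* Variant A: only the pre-loop src++ is dropped, no empty-name check. */
static bool valid_without_empty_check(const char *name)
{
	return scan_printable(name);
}

/* Variant B: empty-name check first, then the scan from the first byte. */
static bool valid_combined(const char *name)
{
	if (!*name)
		return false;
	return scan_printable(name);
}

int main(void)
{
	static char too_long[NAME_LIMIT + 2]; /* constructed: 513 x 'a' + NUL */
	const char *names[] = { "", "\7foo", ".data", too_long };
	const char *labels[] = { "(empty)", "\\7foo", ".data", "(513 x 'a')" };

	memset(too_long, 'a', NAME_LIMIT + 1);
	for (size_t i = 0; i < 4; i++)
		printf("%-12s without-check=%d combined=%d\n", labels[i],
		       valid_without_empty_check(names[i]), valid_combined(names[i]));
	return 0;
}
```

Only the empty name separates the two variants; the non-printable first byte and the over-long name are rejected by both.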
