| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250612131816.1870-1-uncleruc2075@gmail.com> Date: Thu, 12 Jun 2025 16:18:16 +0300 From: Ruslan Semchenko <uncleruc2075@...il.com> To: bpf@...r.kernel.org Cc: linux-kernel@...r.kernel.org, ast@...nel.org, daniel@...earbox.net, Ruslan Semchenko <uncleruc2075@...il.com> Subject: [PATCH] potential negative index dereference fix in get_exec_path() If readlink() fails, len will be -1, which can cause negative indexing and undefined behavior. This patch ensures that len is set to 0 on readlink failure, preventing such issues. Signed-off-by: Ruslan Semchenko <uncleruc2075@...il.com> --- tools/bpf/bpf_jit_disasm.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/tools/bpf/bpf_jit_disasm.c b/tools/bpf/bpf_jit_disasm.c index 1baee9e2aba9..5ab8f80e2834 100644 --- a/tools/bpf/bpf_jit_disasm.c +++ b/tools/bpf/bpf_jit_disasm.c @@ -45,6 +45,8 @@ static void get_exec_path(char *tpath, size_t size) assert(path); len = readlink(path, tpath, size); + if (len < 0) + len = 0; tpath[len] = 0; free(path); -- 2.49.0
Powered by blists - more mailing lists