lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Fri, 7 Aug 2020 11:45:46 +0200 From: Jiri Olsa <jolsa@...nel.org> To: Alexei Starovoitov <ast@...nel.org>, Daniel Borkmann <daniel@...earbox.net>, Andrii Nakryiko <andriin@...com> Cc: netdev@...r.kernel.org, bpf@...r.kernel.org, Song Liu <songliubraving@...com>, Yonghong Song <yhs@...com>, Martin KaFai Lau <kafai@...com>, David Miller <davem@...hat.com>, John Fastabend <john.fastabend@...il.com>, Wenbo Zhang <ethercflow@...il.com>, KP Singh <kpsingh@...omium.org>, Brendan Gregg <bgregg@...flix.com>, Florent Revest <revest@...omium.org>, Al Viro <viro@...iv.linux.org.uk> Subject: [PATCH v10 bpf-next 01/14] tools resolve_btfids: Add size check to get_id function To make sure we don't crash on malformed symbols. Acked-by: Andrii Nakryiko <andriin@...com> Signed-off-by: Jiri Olsa <jolsa@...nel.org> --- tools/bpf/resolve_btfids/main.c | 9 ++++++++- 1 file changed, 8 insertions(+), 1 deletion(-) diff --git a/tools/bpf/resolve_btfids/main.c b/tools/bpf/resolve_btfids/main.c index 52d883325a23..b83369887df6 100644 --- a/tools/bpf/resolve_btfids/main.c +++ b/tools/bpf/resolve_btfids/main.c @@ -199,9 +199,16 @@ static char *get_id(const char *prefix_end) /* * __BTF_ID__func__vfs_truncate__0 * prefix_end = ^ + * pos = ^ */ - char *p, *id = strdup(prefix_end + sizeof("__") - 1); + int len = strlen(prefix_end); + int pos = sizeof("__") - 1; + char *p, *id; + if (pos >= len) + return NULL; + + id = strdup(prefix_end + pos); if (id) { /* * __BTF_ID__func__vfs_truncate__0 -- 2.25.4
Powered by blists - more mailing lists