UbiquitousOS
/
OpenCloudOS-Kernel
mirror of https://gitee.com/OpenCloudOS/OpenCloudOS-Kernel.git
11
0
Fork 0
Code Issues Projects Releases Wiki Activity

libbpf: Fix another potential overflow issue in bpf_prog_linfo 

Fix few issues found by Coverity and LGTM.

Fixes: b053b439b7 ("bpf: libbpf: bpftool: Print bpf_line_info during prog dump")
Signed-off-by: Andrii Nakryiko <andriin@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20191107020855.3834758-4-andriin@fb.com
This commit is contained in:
Andrii Nakryiko 2019-11-06 18:08:53 -08:00 committed by Daniel Borkmann
parent 4ee1135615
commit dd3ab12637
1 changed files with 7 additions and 7 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
tools/lib/bpf/bpf_prog_linfo.c
View File

@ -101,6 +101,7 @@ struct bpf_prog_linfo *bpf_prog_linfo__new(const struct bpf_prog_info *info)
{ {
struct bpf_prog_linfo *prog_linfo; struct bpf_prog_linfo *prog_linfo;
__u32 nr_linfo, nr_jited_func; __u32 nr_linfo, nr_jited_func;
__u64 data_sz;
nr_linfo = info->nr_line_info; nr_linfo = info->nr_line_info;
@ -122,11 +123,11 @@ struct bpf_prog_linfo *bpf_prog_linfo__new(const struct bpf_prog_info *info)
/* Copy xlated line_info */ /* Copy xlated line_info */
prog_linfo->nr_linfo = nr_linfo; prog_linfo->nr_linfo = nr_linfo;
prog_linfo->rec_size = info->line_info_rec_size; prog_linfo->rec_size = info->line_info_rec_size;
prog_linfo->raw_linfo = malloc(nr_linfo * prog_linfo->rec_size); data_sz = (__u64)nr_linfo * prog_linfo->rec_size;
prog_linfo->raw_linfo = malloc(data_sz);
if (!prog_linfo->raw_linfo) if (!prog_linfo->raw_linfo)
goto err_free; goto err_free;
memcpy(prog_linfo->raw_linfo, (void *)(long)info->line_info, memcpy(prog_linfo->raw_linfo, (void *)(long)info->line_info, data_sz);
nr_linfo * prog_linfo->rec_size);
nr_jited_func = info->nr_jited_ksyms; nr_jited_func = info->nr_jited_ksyms;
if (!nr_jited_func || if (!nr_jited_func ||
@ -142,13 +143,12 @@ struct bpf_prog_linfo *bpf_prog_linfo__new(const struct bpf_prog_info *info)
/* Copy jited_line_info */ /* Copy jited_line_info */
prog_linfo->nr_jited_func = nr_jited_func; prog_linfo->nr_jited_func = nr_jited_func;
prog_linfo->jited_rec_size = info->jited_line_info_rec_size; prog_linfo->jited_rec_size = info->jited_line_info_rec_size;
prog_linfo->raw_jited_linfo = malloc(nr_linfo * data_sz = (__u64)nr_linfo * prog_linfo->jited_rec_size;
prog_linfo->jited_rec_size); prog_linfo->raw_jited_linfo = malloc(data_sz);
if (!prog_linfo->raw_jited_linfo) if (!prog_linfo->raw_jited_linfo)
goto err_free; goto err_free;
memcpy(prog_linfo->raw_jited_linfo, memcpy(prog_linfo->raw_jited_linfo,
(void *)(long)info->jited_line_info, (void *)(long)info->jited_line_info, data_sz);
nr_linfo * prog_linfo->jited_rec_size);
/* Number of jited_line_info per jited func */ /* Number of jited_line_info per jited func */
prog_linfo->nr_jited_linfo_per_func = malloc(nr_jited_func * prog_linfo->nr_jited_linfo_per_func = malloc(nr_jited_func *