Re: [PATCH] libbpf: Fix integer overflow issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Mon, Oct 7, 2024 at 9:46 AM I Hsin Cheng <richard120310@xxxxxxxxx> wrote:
>
> Fix integer overflow issue discovered by coverity scan, where
> "bpf_program_fd()" might return a value less than zero. Assignment of
> "prog_fd" to "kern_data" will result in integer overflow in that case.

Has this been a real issue other than coverity scan? If so, we will need
a Fix tag.

Also, some logistics. Please be clear which tree this patch targets,
and tag the patches with "[PATCH bpf]" or "[PATCH bpf-next]".

> Do a pre-check after the program fd is returned, if it's negative we
> should ignore this program and move on, or maybe add some error handling
> mechanism here.
>
> Signed-off-by: I Hsin Cheng <richard120310@xxxxxxxxx>
> ---
>  tools/lib/bpf/libbpf.c | 3 +++
>  1 file changed, 3 insertions(+)
>
> diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
> index a3be6f8fac09..95fb5e48e79e 100644
> --- a/tools/lib/bpf/libbpf.c
> +++ b/tools/lib/bpf/libbpf.c
> @@ -8458,6 +8458,9 @@ static void bpf_map_prepare_vdata(const struct bpf_map *map)
>                         continue;
>
>                 prog_fd = bpf_program__fd(prog);
> +               if (prog_fd < 0)
> +                       continue;
> +

AFAICT, this only happens with non-NULL obj->gen_loader. So we can
achieve the same with something like:

diff --git i/tools/lib/bpf/libbpf.c w/tools/lib/bpf/libbpf.c
index 712b95e8891b..6756199a942f 100644
--- i/tools/lib/bpf/libbpf.c
+++ w/tools/lib/bpf/libbpf.c
@@ -8502,6 +8502,8 @@ static int bpf_object_prepare_struct_ops(struct
bpf_object *obj)
        struct bpf_map *map;
        int i;

+       if (obj->gen_loader)
+               return 0;
        for (i = 0; i < obj->nr_maps; i++) {
                map = &obj->maps[i];


Thanks,
Song





[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]


  Powered by Linux