Re: NULL pointer deref when running BPF monitor program (6.11.0-rc1)

On Wed, Oct 09, 2024 at 08:17:27PM -0700, Josh Poimboeuf wrote:
> On Wed, Oct 09, 2024 at 08:57:50PM -0400, Steven Rostedt wrote:
> > On Wed, 9 Oct 2024 20:56:47 -0400
> > Steven Rostedt <rostedt@xxxxxxxxxxx> wrote:
> > 
> > > I was thinking if something like objtool (could be something else that can
> > > read the executable code) and know of where functions are. It could just
> > > see if anything tests rdi, rsi, rdx, rcx, r8 or r9 (or their 32 bit
> > > alternatives) for NULL before using or setting it.
> > > 
> > > If it does, then we know that one of the arguments could possibly be NULL.
> > 
> > Oh, and it only needs to look at functions that are named:
> > 
> >   trace_event_raw_event_*()
> 
> Unfortunately it's not that simple, the args could be moved around to
> other registers.  And objtool doesn't have an emulator.
> 
> Also it's not clear how that would deal with >6 args, or IS_ERR() as
> Jirka pointed out upthread.

Another complication might be that the code in the tracepoint's fast assign
can potentially call a global function (?) that could do the argument NULL
check, and we won't have its code at objtool invocation time.

jirka
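
Added example (not from this thread and not objtool code): a minimal Python sketch of the register-test heuristic discussed above, run over a constructed, simplified disassembly listing. It follows plain register-to-register moves and records calls as blind spots, since the NULL check may be in the callee; stack-passed arguments (>6) and IS_ERR()-style checks are not detected. The function names in the sample and the scan() helper are hypothetical.

```python
import re

# x86-64 SysV integer argument registers -> position (rdi=0 ... r9=5),
# 64-bit names and their 32-bit aliases, as listed in the thread.
ARG_REGS = {"rdi": 0, "edi": 0, "rsi": 1, "esi": 1, "rdx": 2, "edx": 2,
            "rcx": 3, "ecx": 3, "r8": 4, "r8d": 4, "r9": 5, "r9d": 5}

# Constructed, simplified AT&T-style listing (not real kernel output).
SAMPLE = """\
<trace_event_raw_event_foo>:
  mov %rsi,%rbx
  test %rbx,%rbx
  mov (%rbx),%eax
<trace_event_raw_event_bar>:
  mov %rsi,%rdi
  call helper_checks_null
  mov %eax,0x8(%rdx)
<unrelated_func>:
  test %rdi,%rdi
"""

def scan(disasm):
    """Map each trace_event_raw_event_* function to the argument positions
    it NULL-tests and the calls whose bodies this scan cannot see."""
    report, cur, alias = {}, None, {}
    for line in disasm.splitlines():
        parts = line.split() or [""]
        hdr = re.fullmatch(r"<(\w+)>:", parts[0])
        if hdr:
            keep = hdr.group(1).startswith("trace_event_raw_event_")
            cur = report.setdefault(hdr.group(1), {"null_tested": [], "calls": []}) if keep else None
            alias = dict(ARG_REGS)  # registers currently holding an argument
        if hdr or cur is None:
            continue
        op, ops = parts[0], parts[1] if len(parts) > 1 else ""
        rr = re.fullmatch(r"%(\w+),%(\w+)", ops)  # register-to-register form
        dst = re.search(r",%(\w+)$", ops)         # plain register destination
        if op.startswith("mov") and rr and rr.group(1) in alias:
            alias[rr.group(2)] = alias[rr.group(1)]  # argument moved elsewhere
        elif op.startswith("mov") and dst:
            alias.pop(dst.group(1), None)            # register overwritten
        elif op.startswith("test") and rr and rr.group(1) == rr.group(2):
            if rr.group(1) in alias and alias[rr.group(1)] not in cur["null_tested"]:
                cur["null_tested"].append(alias[rr.group(1)])
        elif op.startswith("call"):
            cur["calls"].append(ops)  # the NULL check may live in the callee
    return report
```

On the sample, trace_event_raw_event_foo is reported as testing argument position 1 even though the test is on %rbx, while trace_event_raw_event_bar shows no test at all and only the call to the helper.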
