Re: [bpf-next, v2] bpf: verifier: Fix potential memleak and UAF in bpf verifier

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Wed, Jul 14, 2021 at 5:54 PM Song Liu <song@xxxxxxxxxx> wrote:
> > -       return 0;
> > +       return;
> No need to say return here.
>
> >  }
> >
> >  static void adjust_subprog_starts(struct bpf_verifier_env *env, u32 off, u32 len)
> > @@ -11492,6 +11490,14 @@ static struct bpf_prog *bpf_patch_insn_data(struct bpf_verifier_env *env, u32 of
> >                                             const struct bpf_insn *patch, u32 len)
> >  {
> >         struct bpf_prog *new_prog;
> > +       struct bpf_insn_aux_data *new_data = NULL;
> > +
> > +       if (len > 1) {
> > +               new_data = vzalloc(array_size(env->prog->len + len - 1,
> > +                                             sizeof(struct bpf_insn_aux_data)));
> > +               if (!new_data)
> > +                       return NULL;

I removed the redundant 'return' that Song pointed out and the
redundant 'if' above.
And applied to bpf-next.
Though it's a fix, I think it's ok to go via bpf-next, since even
syzbot didn't find it.
[Index of Archives]     [Linux Samsung SoC]     [Linux Rockchip SoC]     [Linux Actions SoC]     [Linux for Synopsys ARC Processors]     [Linux NFS]     [Linux NILFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux