On Fri, Apr 28, 2023 at 6:58 PM Daniel Rosenberg <drosen@xxxxxxxxxx> wrote:
>
> On Thu, Apr 6, 2023 at 2:09 PM Andrii Nakryiko
> <andrii.nakryiko@xxxxxxxxx> wrote:
> >
> > would this work correctly if someone passes a non-null buffer with too
> > small size? Can you please add a test for this use case.
> >
>
> Working on a test case for this, but the test case I wrote fails
> without my patches.
> I'm just declaring a buffer of size 9 on the stack, and then passing
> in bpf_dynptr_slice that buffer, and size 10. That's passing the
> verifier just fine. In fact, it loads successfully up to size 16. I'm
> guessing that's adjusting for alignment? Still feels very strange. Is
> that expected behavior?

pointer to stack is trickier (verifier will just mark part of stack as
overwritten with random data), it's best to use map value pointer as a
source of buffer. So try using ARRAY map with small value_size, do
lookup_elem, check for NULL, and pass non-NULL pointer as a buffer.