Subject: eBPF verifier does not check pointer's pointing location
before doing memcpy.
Hi Team,
static __always_inline void ebpf_memcpy(void *dst, const void
*src, int len) {
for (int i = 0; i < 3; i++) {
((char *)dst)[i] = ((const char *)src)[i];
}
}
In the above code, i am passing a char pointer without allocating any
memory to it. But the verifier didn't throw any error or warning, as a
result, during run time it didn't execute " ((char *)dst)[i] = ((const
char *)src)[i]; instruction and return. Fundamentally it is incorrect.
If we execute the same expression in the standard 'C' it must have
thrown a "Segmentation fault" error.
Thanks,
Karthick.
