Hello:
This patch was applied to bpf/bpf-next.git (master)
by Alexei Starovoitov <ast@xxxxxxxxxx>:
On Mon, 31 Jul 2023 13:45:34 -0700 you wrote:
> syzbot reported an array-index-out-of-bounds when printing out bpf
> insns. Further investigation shows the insn is illegal but
> is printed out due to log level 1 or 2 before actual insn verification
> in do_check().
>
> This particular illegal insn is a MOVSX insn with offset value 2.
> The legal offset value for MOVSX should be 8, 16 and 32.
> The disasm sign-extension-size array index is calculated as
> (insn->off / 8) - 1
> and offset value 2 gives an out-of-bound index -1.
>
> [...]
Here is the summary with links:
- [bpf-next] kernel/bpf: Fix an array-index-out-of-bounds issue in disasm.c
https://git.kernel.org/bpf/bpf-next/c/e99688eba2e9
You are awesome, thank you!
--
Deet-doot-dot, I am a bot.
https://korg.docs.kernel.org/patchwork/pwbot.html
