diff options
| author | Andrii Nakryiko <andrii@kernel.org> | 2021-11-03 18:32:10 +0100 |
|---|---|---|
| committer | Alexei Starovoitov <ast@kernel.org> | 2021-11-03 21:25:37 +0100 |
| commit | 88918dc12dc357a06d8d722a684617b1c87a4654 (patch) | |
| tree | f62ea560b498180fca2d5a0b31a14b66fb4c6648 | |
| parent | libbpf: Detect corrupted ELF symbols section (diff) | |
| download | linux-88918dc12dc357a06d8d722a684617b1c87a4654.tar.xz linux-88918dc12dc357a06d8d722a684617b1c87a4654.zip | |
libbpf: Improve sanity checking during BTF fix up
If BTF is corrupted DATASEC's variable type ID might be incorrect.
Prevent this easy to detect situation with extra NULL check.
Reported by oss-fuzz project.
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Yonghong Song <yhs@fb.com>
Link: https://lore.kernel.org/bpf/20211103173213.1376990-3-andrii@kernel.org
| -rw-r--r-- | tools/lib/bpf/libbpf.c | 5 |
1 files changed, 2 insertions, 3 deletions
diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c index 71f5a009010a..f836a1936597 100644 --- a/tools/lib/bpf/libbpf.c +++ b/tools/lib/bpf/libbpf.c @@ -2752,13 +2752,12 @@ static int btf_fixup_datasec(struct bpf_object *obj, struct btf *btf, for (i = 0, vsi = btf_var_secinfos(t); i < vars; i++, vsi++) { t_var = btf__type_by_id(btf, vsi->type); - var = btf_var(t_var); - - if (!btf_is_var(t_var)) { + if (!t_var || !btf_is_var(t_var)) { pr_debug("Non-VAR type seen in section %s\n", name); return -EINVAL; } + var = btf_var(t_var); if (var->linkage == BTF_VAR_STATIC) continue; |