summaryrefslogtreecommitdiffstats
path: root/tools/lib
diff options
context:
space:
mode:
authorAndrii Nakryiko <andriin@fb.com>2019-11-07 03:08:55 +0100
committerDaniel Borkmann <daniel@iogearbox.net>2019-11-07 16:20:38 +0100
commit98e527af30a62cfb1e26f2a0ca76289bc7aba4d2 (patch)
treee7d3e842476215e3aa5c5642dad4f081cb723d76 /tools/lib
parentlibbpf: Make btf__resolve_size logic always check size error condition (diff)
downloadlinux-98e527af30a62cfb1e26f2a0ca76289bc7aba4d2.tar.xz
linux-98e527af30a62cfb1e26f2a0ca76289bc7aba4d2.zip
libbpf: Improve handling of corrupted ELF during map initialization
If we get ELF file with "maps" section, but no symbols pointing to it, we'll end up with division by zero. Add check against this situation and exit early with error. Found by Coverity scan against Github libbpf sources. Fixes: bf82927125dd ("libbpf: refactor map initialization") Signed-off-by: Andrii Nakryiko <andriin@fb.com> Signed-off-by: Daniel Borkmann <daniel@iogearbox.net> Link: https://lore.kernel.org/bpf/20191107020855.3834758-6-andriin@fb.com
Diffstat (limited to 'tools/lib')
-rw-r--r--tools/lib/bpf/libbpf.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
index 3ef73a214592..fde6cb3e5d41 100644
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@@ -956,13 +956,13 @@ static int bpf_object__init_user_maps(struct bpf_object *obj, bool strict)
pr_debug("maps in %s: %d maps in %zd bytes\n",
obj->path, nr_maps, data->d_size);
- map_def_sz = data->d_size / nr_maps;
- if (!data->d_size || (data->d_size % nr_maps) != 0) {
+ if (!data->d_size || nr_maps == 0 || (data->d_size % nr_maps) != 0) {
pr_warn("unable to determine map definition size "
"section %s, %d maps in %zd bytes\n",
obj->path, nr_maps, data->d_size);
return -EINVAL;
}
+ map_def_sz = data->d_size / nr_maps;
/* Fill obj->maps using data in "maps" section. */
for (i = 0; i < nr_syms; i++) {