summaryrefslogtreecommitdiff
path: root/kernel
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2024-09-05 20:10:53 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2024-09-05 20:10:53 -0700
commitb831f83e40a24f07c8dcba5be408d93beedc820f (patch)
tree45d37c24cbcde7ceb198bebd4ad8719b11a3c640 /kernel
parentd759ee240d3c0c4a19f4d984eb21c36da76bc6ce (diff)
parent5390f315fc8c9b9f48105a0d88b56bc59fa2b3e0 (diff)
Merge tag 'bpf-6.11-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf
Pull bpf fixes from Alexei Starovoitov: - Fix crash when btf_parse_base() returns an error (Martin Lau) - Fix out of bounds access in btf_name_valid_section() (Jeongjun Park) * tag 'bpf-6.11-rc7' of git://git.kernel.org/pub/scm/linux/kernel/git/bpf/bpf: selftests/bpf: Add a selftest to check for incorrect names bpf: add check for invalid name in btf_name_valid_section() bpf: Fix a crash when btf_parse_base() returns an error pointer
Diffstat (limited to 'kernel')
-rw-r--r--kernel/bpf/btf.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/kernel/bpf/btf.c b/kernel/bpf/btf.c
index 520f49f422fe..a4e4f8d43ecf 100644
--- a/kernel/bpf/btf.c
+++ b/kernel/bpf/btf.c
@@ -823,9 +823,11 @@ static bool btf_name_valid_section(const struct btf *btf, u32 offset)
const char *src = btf_str_by_offset(btf, offset);
const char *src_limit;
+ if (!*src)
+ return false;
+
/* set a limit on identifier length */
src_limit = src + KSYM_NAME_LEN;
- src++;
while (*src && src < src_limit) {
if (!isprint(*src))
return false;
@@ -6283,7 +6285,7 @@ static struct btf *btf_parse_module(const char *module_name, const void *data,
errout:
btf_verifier_env_free(env);
- if (base_btf != vmlinux_btf)
+ if (!IS_ERR(base_btf) && base_btf != vmlinux_btf)
btf_free(base_btf);
if (btf) {
kvfree(btf->data);