From b0294bc1ad19e9d2dd03df5faa1ccc395d4ddd4b Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Fri, 13 Jul 2018 18:11:39 +0300 Subject: samples: bpf: ensure that we don't load over MAX_PROGS programs I can't see that we check prog_cnt to ensure it doesn't go over MAX_PROGS. Signed-off-by: Dan Carpenter Signed-off-by: Alexei Starovoitov --- samples/bpf/bpf_load.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'samples') diff --git a/samples/bpf/bpf_load.c b/samples/bpf/bpf_load.c index 89161c9ed466..904e775d1a44 100644 --- a/samples/bpf/bpf_load.c +++ b/samples/bpf/bpf_load.c @@ -107,6 +107,9 @@ static int load_and_attach(const char *event, struct bpf_insn *prog, int size) return -1; } + if (prog_cnt == MAX_PROGS) + return -1; + fd = bpf_load_program(prog_type, prog, insns_cnt, license, kern_version, bpf_log_buf, BPF_LOG_BUF_SIZE); if (fd < 0) { -- cgit v1.2.3-70-g09d2 From ee583014a9d8cc48cb4969f87cc02c12b966fabc Mon Sep 17 00:00:00 2001 From: Dan Carpenter Date: Fri, 13 Jul 2018 18:05:37 +0300 Subject: samples/bpf: test_cgrp2_sock2: fix an off by one "prog_cnt" is the number of elements which are filled out in prog_fd[] so the test should be >= instead of >. Signed-off-by: Dan Carpenter Reviewed-by: David Ahern Signed-off-by: Alexei Starovoitov --- samples/bpf/test_cgrp2_sock2.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'samples') diff --git a/samples/bpf/test_cgrp2_sock2.c b/samples/bpf/test_cgrp2_sock2.c index 3b5be2364975..a9277b118c33 100644 --- a/samples/bpf/test_cgrp2_sock2.c +++ b/samples/bpf/test_cgrp2_sock2.c @@ -51,7 +51,7 @@ int main(int argc, char **argv) if (argc > 3) filter_id = atoi(argv[3]); - if (filter_id > prog_cnt) { + if (filter_id >= prog_cnt) { printf("Invalid program id; program not found in file\n"); return EXIT_FAILURE; } -- cgit v1.2.3-70-g09d2