From: Dmitry V. Levin Date: Thu, 3 Jan 2019 23:36:22 +0000 (+0000) Subject: tests: use tail_alloc instead of calloc in bpf-obj_get_info_by_fd-prog* X-Git-Tag: v5.0~95 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=3e93457d5f21cdc02f18293de0c2203481ce70b0;p=strace tests: use tail_alloc instead of calloc in bpf-obj_get_info_by_fd-prog* This guarantees that map_info and prog_info objects are not accessed out of bounds. * tests/bpf-obj_get_info_by_fd.c: Include . (main): Use tail_alloc instead of calloc for map_info and prog_info. --- diff --git a/tests/bpf-obj_get_info_by_fd.c b/tests/bpf-obj_get_info_by_fd.c index e95afda2..de23831a 100644 --- a/tests/bpf-obj_get_info_by_fd.c +++ b/tests/bpf-obj_get_info_by_fd.c @@ -18,6 +18,7 @@ #include #include #include +#include #include #include #include @@ -274,13 +275,14 @@ main(void) * initializer element is not constant. */ #define MAP_INFO_SZ (sizeof(*map_info) + 64) - struct bpf_map_info_struct *map_info = calloc(1, MAP_INFO_SZ); + struct bpf_map_info_struct *map_info = tail_alloc(MAP_INFO_SZ); struct BPF_OBJ_GET_INFO_BY_FD_struct bpf_map_get_info_attr = { .bpf_fd = map_fd, .info_len = MAP_INFO_SZ, .info = (uintptr_t) map_info, }; + memset(map_info, 0, MAP_INFO_SZ); int ret = sys_bpf(BPF_OBJ_GET_INFO_BY_FD, &bpf_map_get_info_attr, sizeof(bpf_map_get_info_attr)); if (ret < 0) @@ -330,7 +332,7 @@ main(void) * initializer element is not constant. */ # define PROG_INFO_SZ (sizeof(*prog_info) + 64) - struct bpf_prog_info_struct *prog_info = calloc(1, PROG_INFO_SZ); + struct bpf_prog_info_struct *prog_info = tail_alloc(PROG_INFO_SZ); struct bpf_insn *xlated_prog = tail_alloc(sizeof(*xlated_prog) * 42); uint32_t *map_ids = tail_alloc(sizeof(*map_ids) * 2); struct BPF_OBJ_GET_INFO_BY_FD_struct bpf_prog_get_info_attr = { @@ -340,6 +342,7 @@ main(void) }; size_t old_prog_info_len = PROG_INFO_SZ; + memset(prog_info, 0, PROG_INFO_SZ); for (unsigned int i = 0; i < 4; i++) { prog_info->jited_prog_len = 0; switch (i) {