diff options
author | Andrii Nakryiko <andrii@kernel.org> | 2021-11-23 16:23:18 -0800 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2022-01-27 11:03:16 +0100 |
commit | ef89212783a29df9c5fe89551596d6a904a559fa (patch) | |
tree | 394d4f9e7c2f4bc013bf5fc788e9354bdf3adecf /tools | |
parent | 9b616ae0bf98146fe50c4cc6d068fbe421b1ca82 (diff) |
libbpf: Fix using invalidated memory in bpf_linker
[ Upstream commit 593835377f24ca1bb98008ec1dc3baefe491ad6e ]
add_dst_sec() can invalidate bpf_linker's section index making
dst_symtab pointer pointing into unallocated memory. Reinitialize
dst_symtab pointer on each iteration to make sure it's always valid.
Fixes: faf6ed321cf6 ("libbpf: Add BPF static linker APIs")
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20211124002325.1737739-7-andrii@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
Diffstat (limited to 'tools')
-rw-r--r-- | tools/lib/bpf/linker.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/tools/lib/bpf/linker.c b/tools/lib/bpf/linker.c index 84095a2c2ef2..6b2f59ddb691 100644 --- a/tools/lib/bpf/linker.c +++ b/tools/lib/bpf/linker.c @@ -2001,7 +2001,7 @@ add_sym: static int linker_append_elf_relos(struct bpf_linker *linker, struct src_obj *obj) { struct src_sec *src_symtab = &obj->secs[obj->symtab_sec_idx]; - struct dst_sec *dst_symtab = &linker->secs[linker->symtab_sec_idx]; + struct dst_sec *dst_symtab; int i, err; for (i = 1; i < obj->sec_cnt; i++) { @@ -2034,6 +2034,9 @@ static int linker_append_elf_relos(struct bpf_linker *linker, struct src_obj *ob return -1; } + /* add_dst_sec() above could have invalidated linker->secs */ + dst_symtab = &linker->secs[linker->symtab_sec_idx]; + /* shdr->sh_link points to SYMTAB */ dst_sec->shdr->sh_link = linker->symtab_sec_idx; |