Gh0st
/
linux
mirror of https://github.com/torvalds/linux.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity
linux/kernel/bpf
History
Jeongjun Park bb6705c3f9 bpf: add check for invalid name in btf_name_valid_section() 
If the length of the name string is 1 and the value of name[0] is NULL
byte, an OOB vulnerability occurs in btf_name_valid_section() and the
return value is true, so the invalid name passes the check.

To solve this, you need to check if the first position is NULL byte and
if the first character is printable.

Suggested-by: Eduard Zingerman <eddyz87@gmail.com>
Fixes: bd70a8fb7c ("bpf: Allow all printable characters in BTF DATASEC names")
Signed-off-by: Jeongjun Park <aha310510@gmail.com>
Link: https://lore.kernel.org/r/20240831054702.364455-1-aha310510@gmail.com
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Acked-by: Eduard Zingerman <eddyz87@gmail.com>
 		2024-09-04 11:56:34 -07:00
..
preload
Kconfig bpf: remove CONFIG_BPF_JIT dependency on CONFIG_MODULES of 2024-05-14 00:36:29 -07:00
Makefile libbpf,bpf: Share BTF relocate-related code with kernel 2024-06-21 14:45:07 -07:00
arena.c bpf: Fix remap of arena. 2024-06-18 17:19:46 +02:00
arraymap.c
bloom_filter.c
bpf_cgrp_storage.c
bpf_inode_storage.c
bpf_iter.c
bpf_local_storage.c bpf: fix order of args in call to bpf_map_kvcalloc 2024-07-10 15:31:19 -07:00
bpf_lru_list.c
bpf_lru_list.h
bpf_lsm.c bpf: Add security_file_post_open() LSM hook to sleepable_lsm_hooks 2024-06-21 19:55:57 +02:00
bpf_struct_ops.c bpf: Use precise image size for struct_ops trampoline 2024-07-01 17:10:46 +02:00
bpf_task_storage.c
btf.c bpf: add check for invalid name in btf_name_valid_section() 2024-09-04 11:56:34 -07:00
cgroup.c
cgroup_iter.c
core.c bpf-next-for-netdev 2024-07-09 17:01:46 +02:00
cpumap.c net: Move flush list retrieval to where it is used. 2024-07-02 15:26:57 +02:00
cpumask.c
crypto.c bpf: crypto: make state and IV dynptr nullable 2024-06-13 16:33:04 -07:00
devmap.c bpf-next-for-netdev 2024-07-09 17:01:46 +02:00
disasm.c
disasm.h
dispatcher.c
hashtab.c
helpers.c Merge git://git.kernel.org/pub/scm/linux/kernel/git/netdev/net 2024-07-11 12:58:13 -07:00
inode.c
link_iter.c
local_storage.c
log.c bpf: remove redeclaration of new_n in bpf_verifier_vlog 2024-06-20 19:50:26 -07:00
lpm_trie.c
map_in_map.c bpf: save extended inner map info for percpu array maps as well 2024-05-15 09:34:54 -07:00
map_in_map.h
map_iter.c
memalloc.c mm: remove CONFIG_MEMCG_KMEM 2024-07-10 12:14:54 -07:00
mmap_unlock_work.h
mprog.c
net_namespace.c
offload.c
percpu_freelist.c
percpu_freelist.h
prog_iter.c
queue_stack_maps.c
reuseport_array.c
ringbuf.c bpf: Fix overrunning reservations in ringbuf 2024-06-21 13:04:21 -07:00
stackmap.c
syscall.c sysctl: treewide: constify the ctl_table argument of proc_handlers 2024-07-24 20:59:29 +02:00
sysfs_btf.c
task_iter.c bpf: Remove unnecessary loop in task_file_seq_get_next() 2024-07-08 16:23:19 +02:00
tcx.c
tnum.c
token.c
trampoline.c Networking changes for 6.10. 2024-05-14 19:42:24 -07:00
verifier.c bpf: Fix a kernel verifier crash in stacksafe() 2024-08-12 18:09:48 -07:00