Commit 57428298 authored by Andrii Nakryiko's avatar Andrii Nakryiko Committed by Daniel Borkmann

selftests/bpf: Prevent out-of-bounds stack access in test_bpffs

Buf can be not zero-terminated leading to strstr() to access data beyond
the intended buf[] array. Fix by forcing zero termination.
Signed-off-by: default avatarAndrii Nakryiko <andrii@kernel.org>
Signed-off-by: default avatarDaniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20211124002325.1737739-12-andrii@kernel.org
parent e2e0d90c
...@@ -19,11 +19,13 @@ static int read_iter(char *file) ...@@ -19,11 +19,13 @@ static int read_iter(char *file)
fd = open(file, 0); fd = open(file, 0);
if (fd < 0) if (fd < 0)
return -1; return -1;
while ((len = read(fd, buf, sizeof(buf))) > 0) while ((len = read(fd, buf, sizeof(buf))) > 0) {
buf[sizeof(buf) - 1] = '\0';
if (strstr(buf, "iter")) { if (strstr(buf, "iter")) {
close(fd); close(fd);
return 0; return 0;
} }
}
close(fd); close(fd);
return -1; return -1;
} }
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment