UPSTREAM: selftests/bpf: Add test for reg2btf_ids out of bounds access
commit 13c6a37d upstream. This test tries to pass a PTR_TO_BTF_ID_OR_NULL to the release function, which would trigger a out of bounds access without the fix in commit 45ce4b4f ("bpf: Fix crash due to out of bounds access into reg2btf_ids.") but after the fix, it should only index using base_type(reg->type), which should be less than __BPF_REG_TYPE_MAX, and also not permit any type flags to be set for the reg->type. Signed-off-by:Kumar Kartikeya Dwivedi <memxor@gmail.com> Signed-off-by:
Alexei Starovoitov <ast@kernel.org> Link: https://lore.kernel.org/bpf/20220220023138.2224652-1-memxor@gmail.com Signed-off-by:
Greg Kroah-Hartman <gregkh@linuxfoundation.org> (cherry picked from commit f59e6886) Signed-off-by:
Greg Kroah-Hartman <gregkh@google.com> Change-Id: Ia75c39dc8b826f7e55c326eeb906e2dd9f353ab9
Loading
Please sign in to comment