Re: [PATCH 2/2] tools/bpftool: Fix segfault case regarding 'pin' arguments
From: Jakub Kicinski
Date: Wed Jul 18 2018 - 14:19:56 EST
On Wed, 18 Jul 2018 22:35:26 +0900, Taeung Song wrote:
> Arguments of 'pin' subcommand should be checked
> at the very beginning of do_pin_any().
> Otherwise segfault errors can occur when using
> 'map pin' or 'prog pin' commands, so fix it.
>
> # bpftool prog pin id
> Segmentation fault
>
> Fixes: 71bb428fe2c1 ("tools: bpf: add bpftool")
> Cc: Jakub Kicinski <jakub.kicinski@xxxxxxxxxxxxx>
> Reported-by: Taehee Yoo <ap420073@xxxxxxxxx>
> Signed-off-by: Taeung Song <treeze.taeung@xxxxxxxxx>
> ---
> tools/bpf/bpftool/common.c | 11 ++++++++---
> 1 file changed, 8 insertions(+), 3 deletions(-)
>
> diff --git a/tools/bpf/bpftool/common.c b/tools/bpf/bpftool/common.c
> index 32f9e397a6c0..b1e1ba9e1c90 100644
> --- a/tools/bpf/bpftool/common.c
> +++ b/tools/bpf/bpftool/common.c
> @@ -217,6 +217,14 @@ int do_pin_any(int argc, char **argv, int (*get_fd_by_id)(__u32))
> int err;
> int fd;
>
> + if (argc < 3) {
> + p_err("too few arguments, id PROG_ID and FILE path is required");
Thanks for the fix! You can't say PROG_ID here, because this function
is also called by bpftool map pin id X. How about s/PROG_ID/ID/ ?
> + return -1;
> + } else if (argc > 3) {
> + p_err("too many arguments");
> + return -1;
> + }
> +
> if (!is_prefix(*argv, "id")) {
> p_err("expected 'id' got %s", *argv);
> return -1;
> @@ -230,9 +238,6 @@ int do_pin_any(int argc, char **argv, int (*get_fd_by_id)(__u32))
> }
> NEXT_ARG();
>
> - if (argc != 1)
> - usage();
> -
> fd = get_fd_by_id(id);
> if (fd < 0) {
> p_err("can't get prog by id (%u): %s", id, strerror(errno));