Em Thu, Nov 01, 2018 at 07:17:29PM +0000, Edward Cree escreveu:
> On 31/10/18 23:05, Daniel Borkmann wrote:
> > ALU operations on pointers such as scalar_reg += map_value_ptr are
> > handled in adjust_ptr_min_max_vals(). Problem is however that map_ptr
> > and range in the register state share a union, so transferring state
> > through dst_reg->range = ptr_reg->range is just buggy as any new
> > map_ptr in the dst_reg is then truncated (or null) for subsequent
> > checks. Fix this by adding a raw member and use it for copying state
> > over to dst_reg.
> >
> > Fixes: f1174f77b50c ("bpf/verifier: rework value tracking")
> > Signed-off-by: Daniel Borkmann <dan...@iogearbox.net>
> > Cc: Edward Cree <ec...@solarflare.com>
> > Acked-by: Alexei Starovoitov <a...@kernel.org>
> > ---
> Acked-by: Edward Cree <ec...@solarflare.com>
> (though I apparently missed the 63-minute window to hit the git record...)Those guys are fast! :-) - Arnaldo
