From: Alexei Starovoitov <[email protected]>
Date: Tue, 8 Sep 2015 13:40:01 -0700

> when the verifier log is enabled the print_bpf_insn() is doing
> bpf_alu_string[BPF_OP(insn->code) >> 4]
> and
> bpf_jmp_string[BPF_OP(insn->code) >> 4]
> where BPF_OP is a 4-bit instruction opcode.
> Malformed insns can cause out of bounds access.
> Fix it by sizing arrays appropriately.
>
> The bug was found by clang address sanitizer with libfuzzer.
>
> Reported-by: Yonghong Song <[email protected]>
> Signed-off-by: Alexei Starovoitov <[email protected]>

Applied, thanks.
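
The indexing problem described in the quoted commit message, as an added example (not the kernel's code and not part of this thread): a string table whose length is implied by its initializers is shorter than the 16 values a 4-bit opcode can take, while a table declared with 16 slots keeps every index in bounds. The table names, the `OP_INDEX` macro, the sample instruction codes and the `"?"` fallback for empty slots are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Opcode field: upper 4 bits of the 8-bit insn code, so the index is 0..15. */
#define OP_INDEX(code) ((size_t)(((code) & 0xf0) >> 4))

/* Illustrative operator names; the highest initialized index is 13. */
#define ALU_NAMES \
	[0] = "+=",  [1] = "-=",  [2] = "*=",  [3] = "/=",  [4] = "|=",  \
	[5] = "&=",  [6] = "<<=", [7] = ">>=", [8] = "neg", [9] = "%=",  \
	[10] = "^=", [11] = "=",  [12] = "s>>=", [13] = "endian"

/* Before: length follows the last initializer, giving 14 slots. */
static const char *const alu_unsized[] = { ALU_NAMES };

/* After: one slot per possible 4-bit value; unnamed slots are NULL. */
static const char *const alu_sized[16] = { ALU_NAMES };

size_t unsized_slots(void)
{
	return sizeof(alu_unsized) / sizeof(alu_unsized[0]);
}

/* 1 if indexing the unsized table with this code would stay in bounds. */
int unsized_in_bounds(uint8_t code)
{
	return OP_INDEX(code) < unsized_slots();
}

/* Lookup in the sized table: every index 0..15 is inside the array.
 * Mapping NULL slots to "?" is this example's choice. */
const char *alu_name(uint8_t code)
{
	const char *s = alu_sized[OP_INDEX(code)];
	return s ? s : "?";
}

int main(void)
{
	/* Constructed codes: 0x04 and 0xb4 are named; 0xe4/0xf4 index 14/15. */
	const uint8_t codes[] = { 0x04, 0xb4, 0xe4, 0xf4 };

	for (size_t i = 0; i < sizeof(codes); i++)
		printf("code 0x%02x index %2zu unsized_in_bounds=%d name=%s\n",
		       codes[i], OP_INDEX(codes[i]),
		       unsized_in_bounds(codes[i]), alu_name(codes[i]));
	return 0;
}
```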
