From: Alexei Starovoitov <a...@plumgrid.com>
Date: Tue, 8 Sep 2015 13:40:01 -0700

> when the verifier log is enabled the print_bpf_insn() is doing
> bpf_alu_string[BPF_OP(insn->code) >> 4]
> and
> bpf_jmp_string[BPF_OP(insn->code) >> 4]
> where BPF_OP is a 4-bit instruction opcode.
> Malformed insns can cause out of bounds access.
> Fix it by sizing arrays appropriately.
>
> The bug was found by clang address sanitizer with libfuzzer.
>
> Reported-by: Yonghong Song <y...@plumgrid.com>
> Signed-off-by: Alexei Starovoitov <a...@plumgrid.com>

Applied, thanks.
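
The indexing problem described in the quoted commit message, as an added example that is not part of the original mail or the kernel patch. The table contents and the helpers `oob_codes()` and `alu_name()` are constructed for illustration, and the `(invalid)` marker for empty slots is an assumption of this sketch.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define BPF_OP(code)  ((code) & 0xf0)   /* upper 4 bits of the opcode byte */
#define ARRAY_SIZE(a) (sizeof(a) / sizeof((a)[0]))

/* Constructed sample names, one per populated index (opcode >> 4). */
#define ALU_NAMES \
	[0x00 >> 4] = "+=",   [0x10 >> 4] = "-=",  [0x20 >> 4] = "*=",  \
	[0x30 >> 4] = "/=",   [0x40 >> 4] = "|=",  [0x50 >> 4] = "&=",  \
	[0x60 >> 4] = "<<=",  [0x70 >> 4] = ">>=", [0x80 >> 4] = "neg", \
	[0x90 >> 4] = "%=",   [0xa0 >> 4] = "^=",  [0xb0 >> 4] = "=",   \
	[0xc0 >> 4] = "s>>=", [0xd0 >> 4] = "endian"

/* Size implied by the highest initializer: 14 slots, but the index reaches 15. */
static const char *const alu_unsized[] = { ALU_NAMES };
/* Sized for every value a 4-bit field can take; unnamed slots are NULL. */
static const char *const alu_sized[16] = { ALU_NAMES };

/* Count the opcode bytes whose index lands outside a table of n slots. */
static unsigned oob_codes(size_t n)
{
	unsigned count = 0;

	for (unsigned code = 0; code <= 0xff; code++)
		if ((size_t)(BPF_OP(code) >> 4) >= n)
			count++;
	return count;
}

/* Lookup that stays in bounds for any opcode byte and tolerates empty slots. */
static const char *alu_name(uint8_t code)
{
	const char *s = alu_sized[BPF_OP(code) >> 4];

	return s ? s : "(invalid)";
}

int main(void)
{
	printf("unsized: %zu slots, %u opcode bytes index past the end\n",
	       ARRAY_SIZE(alu_unsized), oob_codes(ARRAY_SIZE(alu_unsized)));
	printf("sized:   %zu slots, %u opcode bytes index past the end\n",
	       ARRAY_SIZE(alu_sized), oob_codes(ARRAY_SIZE(alu_sized)));
	printf("malformed 0xe7 -> %s\n", alu_name(0xe7));
	return 0;
}
```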