On Wed, 31 Jan 2018 11:42:16 +0100
Daniel Borkmann wrote:
> On 01/31/2018 08:24 AM, Jesper Dangaard Brouer wrote:
> > On Wed, 31 Jan 2018 01:31:11 +0100
> > Daniel Borkmann wrote:
> >
> >> syzkaller was able to generate the following XDP program ...
> >>
> >> (18) r0 = 0x0
> >> (61) r5 =
On 01/31/2018 08:24 AM, Jesper Dangaard Brouer wrote:
> On Wed, 31 Jan 2018 01:31:11 +0100
> Daniel Borkmann wrote:
>
>> syzkaller was able to generate the following XDP program ...
>>
>> (18) r0 = 0x0
>> (61) r5 = *(u32 *)(r1 +12)
>> (04) (u32) r0 += (u32) 0
>> (95) exit
>>
>> ... and tr
On Wed, 31 Jan 2018 01:31:11 +0100
Daniel Borkmann wrote:
> syzkaller was able to generate the following XDP program ...
>
> (18) r0 = 0x0
> (61) r5 = *(u32 *)(r1 +12)
> (04) (u32) r0 += (u32) 0
> (95) exit
>
> ... and trigger a NULL pointer dereference in ___bpf_prog_run()
> via bpf_pr
syzkaller was able to generate the following XDP program ...
(18) r0 = 0x0
(61) r5 = *(u32 *)(r1 +12)
(04) (u32) r0 += (u32) 0
(95) exit
... and trigger a NULL pointer dereference in ___bpf_prog_run()
via bpf_prog_test_run_xdp() where this was attempted to run.
Reason is that recent xdp_
