tools, bpftool: Fix struct_ops command invalid pointer free

Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

kernel os linux

In commit 65c93628599d ("bpftool: Add struct_ops support") a new
type of command named struct_ops has been added. This command requires
a kernel with CONFIG_DEBUG_INFO_BTF=y set and for retrieving BTF info
in bpftool, the helper get_btf_vmlinux() is used.

When running this command on kernel without BTF debug info, this will
lead to 'btf_vmlinux' variable being an invalid(error) pointer. And by
this, btf_free() causes a segfault when executing 'bpftool struct_ops'.

This commit adds pointer validation with IS_ERR not to free invalid
pointer, and this will fix the segfault issue.

Fixes: 65c93628599d ("bpftool: Add struct_ops support")
Signed-off-by: Daniel T. Lee <danieltimlee@gmail.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Link: https://lore.kernel.org/bpf/20200410020612.2930667-1-danieltimlee@gmail.com

authored by

Daniel T. Lee and committed by

Daniel Borkmann 6 years ago 96b2eb6e 642c1654

+3 -1

1 changed file

expand all

tools

bpf

bpftool

struct_ops.c

+3 -1

tools/bpf/bpftool/struct_ops.c

··· 591 591 592 592 err = cmd_select(cmds, argc, argv, do_help); 593 593 594 - btf__free(btf_vmlinux); 594 + if (!IS_ERR(btf_vmlinux)) 595 + btf__free(btf_vmlinux); 596 + 595 597 return err; 596 598 }