Commit 0ae70ad6 authored Jun 25, 2024 by Carlos López Committed by Zheng Yejian Jun 25, 2024

tracing/probes: fix error check in parse_btf_field()

stable inclusion
from stable-v6.6.33
commit ad4b202da2c498fefb69e5d87f67b946e7fe1e6a
bugzilla: https://gitee.com/src-openeuler/kernel/issues/IA7DBJ
CVE: CVE-2024-36481

Reference: https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git/commit/?id=ad4b202da2c498fefb69e5d87f67b946e7fe1e6a

--------------------------------

[ Upstream commit e569eb34970281438e2b48a3ef11c87459fcfbcb ]

btf_find_struct_member() might return NULL or an error via the
ERR_PTR() macro. However, its caller in parse_btf_field() only checks
for the NULL condition. Fix this by using IS_ERR() and returning the
error up the stack.

Link: https://lore.kernel.org/all/20240527094351.15687-1-clopez@suse.de/



Fixes: c440adfb ("tracing/probes: Support BTF based data structure field access")
Signed-off-by: Carlos López <clopez@suse.de>
Signed-off-by: Masami Hiramatsu (Google) <mhiramat@kernel.org>
Signed-off-by: Sasha Levin <sashal@kernel.org>
Signed-off-by: Zheng Yejian <zhengyejian1@huawei.com>

parent 7a9d968b

kernel/trace/trace_probe.c

+4 −0

Original line number	Diff line number	Diff line
		@@ -553,6 +553,10 @@ static int parse_btf_field(char fieldname, const struct btf_type type,
		anon_offs = 0;
		field = btf_find_struct_member(ctx->btf, type, fieldname,
		&anon_offs);
		if (IS_ERR(field)) {
		trace_probe_log_err(ctx->offset, BAD_BTF_TID);
		return PTR_ERR(field);
		}
		if (!field) {
		trace_probe_log_err(ctx->offset, NO_BTF_FIELD);
		return -ENOENT;