Commit b77ffb30 authored Jul 19, 2022 by Dan Carpenter Committed by Alexei Starovoitov Jul 19, 2022

libbpf: fix an snprintf() overflow check



The snprintf() function returns the number of bytes it *would* have
copied if there were enough space.  So it can return > the
sizeof(gen->attach_target).

Fixes: 67234743 ("libbpf: Generate loader program out of BPF ELF file.")
Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
Acked-by: Martin KaFai Lau <kafai@fb.com>
Link: https://lore.kernel.org/r/YtZ+oAySqIhFl6/J@kili


Signed-off-by: Alexei Starovoitov <ast@kernel.org>

parent c5d22f4c

tools/lib/bpf/gen_loader.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -533,7 +533,7 @@ void bpf_gen__record_attach_target(struct bpf_gen gen, const char attach_name,
		gen->attach_kind = kind;
		ret = snprintf(gen->attach_target, sizeof(gen->attach_target), "%s%s",
		prefix, attach_name);
		if (ret == sizeof(gen->attach_target))
		if (ret >= sizeof(gen->attach_target))
		gen->error = -ENOSPC;
		}