mirror of
https://github.com/hardkernel/linux.git
synced 2026-03-24 19:40:21 +09:00
[ Upstream commit 8a0260dbf6 ]

realloc() and reallocarray() can either return NULL or a special non-NULL pointer, if their size argument is zero. This requires a bit more care to handle NULL-as-valid-result situation differently from NULL-as-error case. This has caused real issues before ([0]), and just recently bit again in production when performing bpf_program__attach_usdt().

This patch fixes 4 places that do or potentially could suffer from this mishandling of NULL, including the reported USDT-related one.

There are many other places where realloc()/reallocarray() is used and NULL is always treated as an error value, but all those have guarantees that their size is always non-zero, so those spots don't need any extra handling.

[0] d08ab82f59 ("libbpf: Fix double-free when linker processes empty sections")

Fixes: 999783c8bb ("libbpf: Wire up spec management and other arch-independent USDT logic")
Fixes: b63b3c490e ("libbpf: Add bpf_program__set_insns function")
Fixes: 697f104db8 ("libbpf: Support custom SEC() handlers")
Fixes: b126882672 ("libbpf: Change the order of data and text relocations.")
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
Link: https://lore.kernel.org/bpf/20230711024150.1566433-1-andrii@kernel.org
Signed-off-by: Sasha Levin <sashal@kernel.org>
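
The zero-size case the commit message describes, as an added example that is not part of the patch or of libbpf; `struct int_vec`, `vec_resize_naive()` and `vec_resize()` are hypothetical names. It sets the mishandled pattern beside one that treats an empty result as success and frees explicitly, rather than relying on what realloc() does with a size of zero.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>

/* Hypothetical container for illustration; not a libbpf type. */
struct int_vec {
	int *items;
	size_t cnt;
};

/* Mishandled pattern: every NULL is reported as an error. With new_cnt == 0
 * realloc() may free the old block and return NULL, so the caller sees
 * -ENOMEM while v->items still points at freed memory. */
int vec_resize_naive(struct int_vec *v, size_t new_cnt)
{
	int *tmp = realloc(v->items, new_cnt * sizeof(*v->items));
	if (!tmp)
		return -ENOMEM;
	v->items = tmp;
	v->cnt = new_cnt;
	return 0;
}

/* Careful pattern: an empty result is valid and handled before realloc(). */
int vec_resize(struct int_vec *v, size_t new_cnt)
{
	int *tmp;
	if (new_cnt == 0) {
		free(v->items);	/* free(NULL) is a no-op */
		v->items = NULL;
		v->cnt = 0;
		return 0;
	}
	if (new_cnt > SIZE_MAX / sizeof(*v->items))
		return -ENOMEM;	/* size computation would overflow */
	tmp = realloc(v->items, new_cnt * sizeof(*v->items));
	if (!tmp)
		return -ENOMEM;	/* real failure; v->items is untouched */
	v->items = tmp;
	v->cnt = new_cnt;
	return 0;
}

int main(void)
{
	struct int_vec v = { NULL, 0 };
	/* grow, then shrink to empty: both must succeed */
	return vec_resize(&v, 4) || vec_resize(&v, 0) || v.items != NULL;
}
```

A later cleanup path that calls free() on the pointer left behind by the naive version is where a double free would come from.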