From: Jean-Philippe Brucker Date: Mon, 13 Dec 2021 18:30:59 +0000 (+0000) Subject: selftests/bpf: Fix segfault in bpf_tcp_ca X-Git-Tag: v6.1-rc5~2306^2~92^2~35 X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=acd143eefb8270b8f50e2ce44e2fcdbbcf496a86;p=platform%2Fkernel%2Flinux-starfive.git selftests/bpf: Fix segfault in bpf_tcp_ca Since commit ad9a7f96445b ("libbpf: Improve logging around BPF program loading"), libbpf_debug_print() gets an additional prog_name parameter but doesn't pass it to printf(). Since the format string now expects two arguments, printf() may read uninitialized data and segfault. Pass prog_name through. Fixes: ad9a7f96445b ("libbpf: Improve logging around BPF program loading") Signed-off-by: Jean-Philippe Brucker Signed-off-by: Andrii Nakryiko Link: https://lore.kernel.org/bpf/20211213183058.346066-1-jean-philippe@linaro.org --- diff --git a/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c b/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c index 8daca0a..8f7a1ce 100644 --- a/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c +++ b/tools/testing/selftests/bpf/prog_tests/bpf_tcp_ca.c @@ -217,7 +217,7 @@ static bool found; static int libbpf_debug_print(enum libbpf_print_level level, const char *format, va_list args) { - const char *log_buf; + const char *prog_name, *log_buf; if (level != LIBBPF_WARN || !strstr(format, "-- BEGIN PROG LOAD LOG --")) { @@ -225,15 +225,14 @@ static int libbpf_debug_print(enum libbpf_print_level level, return 0; } - /* skip prog_name */ - va_arg(args, char *); + prog_name = va_arg(args, char *); log_buf = va_arg(args, char *); if (!log_buf) goto out; if (err_str && strstr(log_buf, err_str) != NULL) found = true; out: - printf(format, log_buf); + printf(format, prog_name, log_buf); return 0; }