golang.net

mirror of https://github.com/golang/net.git synced 2026-04-01 02:47:08 +09:00

Files

Arthur Fabre 27ecd3f315 bpf: fix VM out of bounds LoadMemShift check

The bpf VM did not correctly check the bounds of LoadMemShift
instructions, as it used a size of 0 instead of the correct 1.

A LoadMemShift instruction 1 past the end of the input resulted in a
runtime panic:

    panic(0x5c1d40, 0x7cec00)
            /usr/local/go/src/runtime/panic.go:522 +0x1b5
    golang.org/x/net/bpf.loadMemShift(...)
            /home/afabre/go/pkg/mod/golang.org/x/net@v0.0.0-20190603091049-60506f45cf65/bpf/vm_instructions.go:137
    golang.org/x/net/bpf.(*VM).Run(0xc00000ec40, 0xc0000173c8, 0x2, 0x8, 0x2, 0xc0000173c8, 0x0)
            /home/afabre/go/pkg/mod/golang.org/x/net@v0.0.0-20190603091049-60506f45cf65/bpf/vm.go:131 +0xb0a

Fix this, and rework the out of bounds tests for load instructions to:

* Use an offset one past the end of the input, to catch this

* Use a filter that returns 1, to catch cases were the out of bounds
load does not cause a panic, but does not cause the VM to return 0.

Change-Id: I1e68886915207a34f59765805f907f36dc031f70
Reviewed-on: https://go-review.googlesource.com/c/net/+/180979
Run-TryBot: Matt Layher <mdlayher@gmail.com>
TryBot-Result: Gobot Gobot <gobot@golang.org>
Reviewed-by: Matt Layher <mdlayher@gmail.com>

2019-06-07 17:17:31 +00:00

testdata

bpf: support JumpIf on RegX instead of K

2018-10-11 14:41:30 +00:00

asm.go

…

constants.go

bpf: support JumpIf on RegX instead of K

2018-10-11 14:41:30 +00:00

doc.go

bpf: add Go implementation of virtual machine

2016-06-18 00:31:17 +00:00