From patchwork Tue Mar 7 21:55:04 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Daniel_M=C3=BCller?= X-Patchwork-Id: 13164789 X-Patchwork-Delegate: bpf@iogearbox.net Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 35CC4C678D5 for ; Tue, 7 Mar 2023 21:55:21 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S229574AbjCGVzT (ORCPT ); Tue, 7 Mar 2023 16:55:19 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:39980 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231589AbjCGVzS (ORCPT ); Tue, 7 Mar 2023 16:55:18 -0500 Received: from mout02.posteo.de (mout02.posteo.de [185.67.36.66]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 01CDFA1FD7 for ; Tue, 7 Mar 2023 13:55:12 -0800 (PST) Received: from submission (posteo.de [185.67.36.169]) by mout02.posteo.de (Postfix) with ESMTPS id 674F924083F for ; Tue, 7 Mar 2023 22:55:11 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=posteo.net; s=2017; t=1678226111; bh=B97Zxqmv2jJRC3pdnHqz4vUKQ13wY6DAjIWdt+drjxI=; h=From:To:Subject:Date:From; b=HiKtR5ZdJmdzd986uXT1CRJwSqR7WRsI+j6bIhlLz6dRhor4GkExAclomUTWO0rsL ziQKmhwPn2SI5TqQzgMp6D1iWu3rk2lZgNjw5dn6+onwNkiNWLShVQtorREd0XW8xZ B7JzpvOZ3gV2V8s1b9tiSF/GLoIs/FJOpzzF3YCAnnX9P+JhEdAL5U5Wa/a5V7TeqI iPun+2qo6xKCGHqtzwQO6FjnIsMW/rESRflfL1f3TH2VF8dZ/zfp3UAEAl18B2gwoK k9WnbgPLggMkLh+IamVcic+PxlbSUF5Ip+1x1/gcp/3+8GpLGIoHARIlMWTuqAWUpd nyZENroAaf1Qw== Received: from customer (localhost [127.0.0.1]) by submission (posteo.de) with ESMTPSA id 4PWTl249zYz6tm4; Tue, 7 Mar 2023 22:55:10 +0100 (CET) From: =?utf-8?q?Daniel_M=C3=BCller?= To: bpf@vger.kernel.org, ast@kernel.org, andrii@kernel.org, daniel@iogearbox.net, kafai@meta.com, kernel-team@meta.com Subject: [PATCH bpf-next] libbpf: Fix theoretical u32 underflow in find_cd() function Date: Tue, 7 Mar 2023 21:55:04 +0000 Message-Id: <20230307215504.837321-1-deso@posteo.net> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: bpf@vger.kernel.org X-Patchwork-Delegate: bpf@iogearbox.net Coverity reported a potential underflow of the offset variable used in the find_cd() function. Switch to using a signed 64 bit integer for the representation of offset to make sure we can never underflow. Fixes: 1eebcb60633f ("libbpf: Implement basic zip archive parsing support") Signed-off-by: Daniel Müller --- tools/lib/bpf/zip.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/tools/lib/bpf/zip.c b/tools/lib/bpf/zip.c index 8458c2..f561aa 100644 --- a/tools/lib/bpf/zip.c +++ b/tools/lib/bpf/zip.c @@ -168,9 +168,8 @@ static int try_parse_end_of_cd(struct zip_archive *archive, __u32 offset) static int find_cd(struct zip_archive *archive) { + int64_t limit, offset; int rc = -EINVAL; - int64_t limit; - __u32 offset; if (archive->size <= sizeof(struct end_of_cd_record)) return -EINVAL;