libbpf: Improve sanity checking during BTF fix up

If BTF is corrupted DATASEC's variable type ID might be incorrect. Prevent this easy to detect situation with extra NULL check. Reported by oss-fuzz project. Signed-off-by: Andrii Nakryiko <[email protected]> Signed-off-by: Alexei Starovoitov <[email protected]> Acked-by: Yonghong Song <[email protected]> Link: https://lore.kernel.org/bpf/[email protected]
author: Andrii Nakryiko <[email protected]> 2021-11-03 10:32:10 -0700
committer: Alexei Starovoitov <[email protected]> 2021-11-03 13:25:37 -0700
commit: 88918dc12dc357a06d8d722a684617b1c87a4654 (patch)
tree: f62ea560b498180fca2d5a0b31a14b66fb4c6648
parent: 833907876be55205d0ec153dcd819c014404ee16 (diff)
1 files changed, 2 insertions, 3 deletions
diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
index 71f5a009010a..f836a1936597 100644
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@@ -2752,13 +2752,12 @@ static int btf_fixup_datasec(struct bpf_object *obj, struct btf *btf,
 
 	for (i = 0, vsi = btf_var_secinfos(t); i < vars; i++, vsi++) {
 		t_var = btf__type_by_id(btf, vsi->type);
-		var = btf_var(t_var);
-
-		if (!btf_is_var(t_var)) {
+		if (!t_var || !btf_is_var(t_var)) {
 			pr_debug("Non-VAR type seen in section %s\n", name);
 			return -EINVAL;
 		}
 
+		var = btf_var(t_var);
 		if (var->linkage == BTF_VAR_STATIC)
 			continue;
author	Andrii Nakryiko <[email protected]>	2021-11-03 10:32:10 -0700
committer	Alexei Starovoitov <[email protected]>	2021-11-03 13:25:37 -0700
commit	88918dc12dc357a06d8d722a684617b1c87a4654 (patch)
tree	f62ea560b498180fca2d5a0b31a14b66fb4c6648
parent	833907876be55205d0ec153dcd819c014404ee16 (diff)