From 9f12e8484452c7643cff0b82a6acea3563690584 Mon Sep 17 00:00:00 2001
From: pouriyajamshidi
Date: Fri, 3 May 2024 23:07:37 +0200
Subject: [PATCH] attempt to fix garbage memory access in packet_t struct
---
 bpf/flat.c | 5 +++++
 internal/probe/probe_bpfeb.o | Bin 7560 -> 7696 bytes
 internal/probe/probe_bpfel.o | Bin 7568 -> 7704 bytes
 3 files changed, 5 insertions(+)
diff --git a/bpf/flat.c b/bpf/flat.c
index 952335a..2e42551 100755
--- a/bpf/flat.c
+++ b/bpf/flat.c
@@ -2,6 +2,7 @@
 #include
 #include
+#include
 #include
 #include
@@ -149,6 +150,10 @@ int flat(struct __sk_buff* skb) {
 return TC_ACT_OK;
 }
+ // Zero-initialize the memory region of pkt
+ // so that we do not access garbage
+ memset(pkt, 0, sizeof(struct packet_t));
+
 uint32_t offset = 0;
 if (handle_ip_packet(head, tail, &offset, pkt) == TC_ACT_OK) {
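Review bot: The `memset` added after the early `return TC_ACT_OK` block sizes the clear by type name instead of by the pointer, and in a BPF object it relies on the compiler inlining the call because there is no libc to link against. `__builtin_memset(pkt, 0, sizeof(*pkt));` states that directly, keeps the size tied to `pkt`, and would probably make the include added in the first hunk unnecessary (its header name is not visible on this page). Clearing the whole record before `handle_ip_packet` fills it is the right shape, since it also covers padding bytes and any field a code path skips. If `pkt` is later handed to a user-space consumer, which the hunk does not show, the comment could give that reason: `// Clear every byte, padding included, so stale memory is never exposed to the reader`. The body of `flat()` starts and ends outside the hunk, so it cannot be confirmed from here that every path that emits `pkt` passes through this line.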
diff --git a/internal/probe/probe_bpfeb.o b/internal/probe/probe_bpfeb.o index b78fecbb86c0f9b6b1ebebf10364d12e0df7e202..f6d34e4a380b47b362450022e084fff6154fc77f 100644 GIT binary patch delta 1452 zcmZ9LUr5tY6vxlK_qTsKZOhHMP4kCon-w`JRG9yu2qCD6QVM|*2@?|r`A`YXhk`xD z)-{M8VnNV?9##ty@?rVpOW{KgQa$vj(8C@gf_mtj{SI?73 zCw6kN(_%Jvy-!T#)+4Tqfa6^jAh$W#f1Y4<5u!YsJh$=e;n~SEy#5(g;$Er4h$}Iv zXB`pm-eA5Da+>rq^COTqY{(Vn zEr25SLa+fvjJhyc-^Zc8-}a|;~c=Q7vu3d?!`F4`~cv`DU8{nK}_A4 zXB{uBke*`xg%3wM8?;3L{t~aTzLmxew2-kDY%?I79T;cpIDm1U`7Q`|8^#;VPe4S; z(RLk^p&jNA=%oeY-8w#w@t(!@bQ7Ax3ndkSZ)%T$m?lm#Pl34FiOi1d#8{AI2lhK? z9)F;c3kDvN3${N6x!#O=fzKnR{cIpzO&Gw1vXxLffF0Cyc2LtRR=&dyavT303I#IY zaDrIJH&-6!9uUv5L&~gU?2xhyr@?UrM4<~8Vw^x6Mjm2b1M!OV@j51bg82oAB6dtA z>bMn|JLuR3@s{)y>%^pIiD$6leGs3I;KE~0AjTG{yv5FDd_K~-g;gfKXz6IYI#ikS z`$2Bn^kk?@U+{H{4W04@f_t1q({21ni)B{leE~1_wl)?qlG+$y|6+qe8)%6Ihjyr16=?>C3JwJk>=s-S2cd3> zw?ajb2o4!41mjS!n+^&h1uIls>ej&_V^9ab^WHIec;V&V-}%nF_dDn2m1owb%M)t8 zk~y!gRc=qHh06Mnnyb8@QnQV5HEh&U)-0+89n8ugxuRi}LBC~H_^`0)yxC!blw)srjA-wN!lXR#Hk<@=Y z?6QuLPOzPfhsVHq;X9-=Y4Eb}YtrM)E5g4?7qh%Up%cjRfhCvCMbZo1;JWZb(u=Hb z2|pp)>;dn2*bhDs-X_{U4sLlE`RJQdpf5s2+C2t9=eS}7Xmazen|WTC^O+Z2_Ky`w`I3PAzW^8})Qa#`cw;jq;k%^Ls7RGP z%oS}2ualZNfpyixqgYD^{rjXA_`Ig82Z{z}5YQP3oPn1?uv8Rah9NB#1TK-fiT|D! z!z4qC;lL{C60TI=ll_?aeJQ}vC&6p3UTkk56|@toZbDn%k`2F+euE3tAB4Z78Mt%3 zC)`5u=#W0}Fgm2A;@~K$m#4rjM=z2Sh~s;}Nqncl>!fN(Fd+}K-Ya~c)FwJ+q8{!C zO9z9`&~4VUqBFCe7v3hda}vDFJck20fEJk*N%%o(mlLFgL1xwqt`48hFl#P{e57l( z+LyBL`qHtIs60Kw<9^Yw@HiZa!9shic0^sZnQ;FAx3oQ;c4U*c%Xk^bx5tBys<&)8 z98pnQ3tv$++X@e=QX|^mGL6*0l0u{qpVa2S*5f&CTDBR#(8Zr9#^E8GO-yx-yW}HV pNKC1WttWCiykVO>)odo2I}{dUX2%wilRCCx>&cvsJ-5wd>MtB}&glRE 
diff --git a/internal/probe/probe_bpfel.o b/internal/probe/probe_bpfel.o index edf1bafadfdf535a04e10e82e61354fcccafe20d..909e6c6d19b5eaeb8558f3dc1d3a9097f8bda846 100644 GIT binary patch delta 1484 zcmZA1QAm?f6bJBg@3!2BZkg%6xoHk7{AOYkA`MN2itHg&k{S_Z$s#jJbAc5!g94wz zbuF}qCVLOmT{`e_`JHp_{qFAN+eGtJ%Y-AA z($QVwXu5B^=t-*@tCMuRv?x8_*swo`D|Z|oBRmFqEauV6Bh7xRcZuuSYIn0sbgSb9 zHPOTQnm>dVf#(E_alM|AFA?cw66#rj?HkOe3Uu{K_I<%amou0c97!adp@C#wBvuz0 z>A##ff7%&IUbxtoj0~OZ8%QKiB%{&h>~P^nx95|KXhj_?-kjR4*FenUZEy9P-7@zg z?G-#$k)#OM*X*#%C6PZODQ0*Z9A^)pzGa7`UiNeCn4~l8pORAKZ;>?mFF_VO&fbG< z7IsORW8Z+S9!U%A+py=Hq!soX*q0#+V&nP;XnSCX{RJ+;H1Sa9frej7yA+F zl^H>C!vT1Ry{PLiaDs*d@RasZ?Dz{BHhmCupBuDoc!urA*S-lCnlWs{bL_PvUt~9+ z-}6eU?odQ^l}5yZ8ZNcV^^KcxDF;bY>OrY}K%cG|{ap28O*5uBuQzW-n)7o?l-cF_ zZp=8v)wpUX>lB~WwX!NPo_$dE+a<}Jy;Xi(Ah{Z9l#W}~hFe9G>JPVB`|xe(=uxxb zMr*n_uVS?tZWI|6t!R_MfI3^zDxH9OQqgL41o9orYPAAOg;Z^2t5vW6Q4x>TaJcFZ Du<+}| delta 1348 zcmZA0Pe_wt90%~<^K8p4nN4eZ-QF!nSxyZzi8fLELl+6Hg@+_MOu7gW=uNw99Rj;; zJQ+rp9V8}rSX&1{4?>rMkP%+Oi{3hPSe<4C^?kOV_23WQ!RPmVw)c5{d*9XJ>`*o) zlDY0dF`avORZQhnmzc=CkBjkgujq4#d*%DiA&2NxFPpkryWOO#C4>)wYe4NbS(g&% zLT7Yj>kpI{*H~k9llJZMY4@6=yx;uU>H6d#I#4Cw#q_X_P+R!=uKq!izF7u1=#X%|t%DJXT^fGv2QeHU)Wc9+?Y;kHgetA@RB zp8W#(*3+r!lBBf1QCV0&YREf`a;=Tpc-53pf2hFhlslwieU0Fc~>>AvLaa0X^;TpRK zFT;g393RiZmcadW!$!khZxBuE1(=`Duno7fpCFHH2#OjGzzOziofk1d!vQ$O-bQ}D zB4|$g7B-?A78>)s;7~8v6SQd9f-~&niDcPMHzrV!>M#^hAI?RC`dKmSc^!Cbl<-@@ z6y{*o0;dIa4XK{0S+6)vsad3Y2WCCxbVudKhRzP