diff --git a/libbpf b/libbpf index a2583241a0cfe897a924acf7c666846f1ec3bda5..e6fdf39f4c704221159e9f45f27a3ec6d56cfd4b 160000 --- a/libbpf +++ b/libbpf @@ -1 +1 @@ -Subproject commit a2583241a0cfe897a924acf7c666846f1ec3bda5 +Subproject commit e6fdf39f4c704221159e9f45f27a3ec6d56cfd4b diff --git a/src/task_find.bpf.c b/src/task_find.bpf.c index 190a3034c3b23cf2324212ff31d81ff36f30788c..a0f824405e492a4d7900efa2a39272104a9b9bed 100644 --- a/src/task_find.bpf.c +++ b/src/task_find.bpf.c @@ -22,8 +22,8 @@ int entry(void *ctx) { int err = 0; - char root_path[256]; - err = bpf_probe_read_user(root_path, 256, root_path_user); + char root_path[PATHLEN]; + err = bpf_probe_read_user(root_path, PATHLEN, root_path_user); if (err) { bpf_printk("Error: read_user = %d", err); goto end; @@ -63,7 +63,19 @@ SEC("iterdents64") int process_dirent(struct bpf_dirent64 *d) { int err = 0; - if (d->namelen <= 2) { + /* Skip "." and "..": */ + /* TODO: Why doesn't the verifier get this? */ + if (d->name + 2 > d->name_end) { + goto end; + } + if (d->name[0] == '.' && d->namelen == 1) { + goto end; + } + + if (d->name + 3 > d->name_end) { + goto end; + } + if (d->name[0] == '.' && d->name[1] == '.' && d->namelen == 2) { goto end; } @@ -72,8 +84,6 @@ int process_dirent(struct bpf_dirent64 *d) { goto end; } - bpf_printk("iterating %d/%s", d->dfd, d->name); - int *prog_fd = bpf_map_lookup_elem(&pdpf_map, &PDPF_KEY); if (!prog_fd) { bpf_printk("Error: !bpf_map_lookup_elem(&pdpf_map, &PDPF_KEY)"); diff --git a/src/task_find.c b/src/task_find.c index 93e3654f94fbf59cc40299b4032dc9532b05765a..21512fcdd8e41a240e1660435a01a46ab484924b 100644 --- a/src/task_find.c +++ b/src/task_find.c @@ -167,7 +167,9 @@ static int bpf_find_by_name(const char *path, const char *name, bool debug) { return EXIT_FAILURE; } - skel->bss->root_path_user = path; + char root_path_user[PATHLEN]; + strncpy(root_path_user, path, PATHLEN); + skel->bss->root_path_user = root_path_user; /* Load & verify BPF programs */ err = BPF_LOAD(skel);