The following issues were found
tools/testing/selftests/bpf/progs/test_sockmap_kern.h
1 issues
Line: 147
Column: 3
CWE codes:
120
Suggestion:
Make sure destination can always hold the source data
data_end = (void *)(long)skb->data_end;
if (c + 5 + offset < data_end)
memcpy(c + offset, "PASS", 4);
}
SEC("sk_skb3")
int bpf_prog3(struct __sk_buff *skb)
{
Reported by FlawFinder.
tools/testing/selftests/bpf/progs/test_tc_bpf.c
1 issues
Line: 8
/* Dummy prog to test TC-BPF API */
SEC("classifier")
int cls(struct __sk_buff *skb)
{
return 0;
}
Reported by Cppcheck.
tools/testing/selftests/bpf/progs/test_tc_tunnel.c
1 issues
Line: 531
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
static int decap_internal(struct __sk_buff *skb, int off, int len, char proto)
{
char buf[sizeof(struct v6hdr)];
struct gre_hdr greh;
struct udphdr udph;
int olen = len;
switch (proto) {
Reported by FlawFinder.
tools/testing/selftests/bpf/progs/test_tcpbpf_kern.c
1 issues
Line: 46
Column: 2
CWE codes:
119
120
Suggestion:
Perform bounds checking, use functions that limit length, or ensure that the size is larger than the maximum possible length
SEC("sockops")
int bpf_testcb(struct bpf_sock_ops *skops)
{
char header[sizeof(struct ipv6hdr) + sizeof(struct tcphdr)];
struct bpf_sock_ops *reuse = skops;
struct tcphdr *thdr;
int window_clamp = 9216;
int good_call_rv = 0;
int bad_call_rv = 0;
Reported by FlawFinder.
tools/testing/selftests/bpf/progs/test_xdp_adjust_tail_grow.c
1 issues
Line: 5
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>
SEC("xdp_adjust_tail_grow")
int _xdp_adjust_tail_grow(struct xdp_md *xdp)
{
void *data_end = (void *)(long)xdp->data_end;
void *data = (void *)(long)xdp->data;
unsigned int data_len;
Reported by Cppcheck.
tools/testing/selftests/bpf/progs/test_xdp_devmap_helpers.c
1 issues
Line: 8
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>
SEC("xdp_dm_log")
int xdpdm_devlog(struct xdp_md *ctx)
{
char fmt[] = "devmap redirect: dev %u -> dev %u len %u\n";
void *data_end = (void *)(long)ctx->data_end;
void *data = (void *)(long)ctx->data;
Reported by Cppcheck.
tools/testing/selftests/bpf/progs/test_xdp_meta.c
1 issues
Line: 11
#define round_up(x, y) ((((x) - 1) | __round_mask(x, y)) + 1)
#define ctx_ptr(ctx, mem) (void *)(unsigned long)ctx->mem
SEC("t")
int ing_cls(struct __sk_buff *ctx)
{
__u8 *data, *data_meta, *data_end;
__u32 diff = 0;
Reported by Cppcheck.
tools/testing/selftests/bpf/progs/xdp_dummy.c
1 issues
Line: 7
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>
SEC("xdp_dummy")
int xdp_dummy_prog(struct xdp_md *ctx)
{
return XDP_PASS;
}
Reported by Cppcheck.
tools/testing/selftests/bpf/progs/xdp_tx.c
1 issues
Line: 6
#include <linux/bpf.h>
#include <bpf/bpf_helpers.h>
SEC("tx")
int xdp_tx(struct xdp_md *xdp)
{
return XDP_TX;
}
Reported by Cppcheck.
tools/bpf/bpftool/struct_ops.c
1 issues
Line: 53
Column: 17
CWE codes:
126
t = btf__type_by_id(kern_btf, info->btf_vmlinux_value_type_id);
st_ops_name = btf__name_by_offset(kern_btf, t->name_off);
st_ops_name += strlen(STRUCT_OPS_VALUE_PREFIX);
return st_ops_name;
}
static __s32 get_map_info_type_id(void)
Reported by FlawFinder.