libbpf: fix detection of corrupted BPF instructions section

Ensure that size of a section w/ BPF instruction is exactly a multiple
of BPF instruction size.

Signed-off-by: Andrii Nakryiko <andriin@fb.com>
Acked-by: Song Liu <songliubraving@fb.com>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>

diff --git a/tools/lib/bpf/libbpf.c b/tools/lib/bpf/libbpf.c
index 30cb08e..c985a79 100644 (file)
--- a/tools/lib/bpf/libbpf.c
+++ b/tools/lib/bpf/libbpf.c
@@ -349,8 +349,11 @@ static int
 bpf_program__init(void *data, size_t size, char *section_name, int idx,
                  struct bpf_program *prog)
 {
-       if (size < sizeof(struct bpf_insn)) {
-               pr_warning("corrupted section '%s'\n", section_name);
+       const size_t bpf_insn_sz = sizeof(struct bpf_insn);
+
+       if (size == 0 || size % bpf_insn_sz) {
+               pr_warning("corrupted section '%s', size: %zu\n",
+                          section_name, size);
                return -EINVAL;
        }
 
@@ -376,9 +379,8 @@ bpf_program__init(void *data, size_t size, char *section_name, int idx,
                           section_name);
                goto errout;
        }
-       prog->insns_cnt = size / sizeof(struct bpf_insn);
-       memcpy(prog->insns, data,
-              prog->insns_cnt * sizeof(struct bpf_insn));
+       prog->insns_cnt = size / bpf_insn_sz;
+       memcpy(prog->insns, data, size);
        prog->idx = idx;
        prog->instances.fds = NULL;
        prog->instances.nr = -1;