fix bug of probe size < 0

eunomia-bpf · Dec 23, 2024 · c703c5d · c703c5d
1 parent 7b43529
commit c703c5d
Show file tree

Hide file tree

Showing 2 changed files with 52 additions and 40 deletions.
diff --git a/runtime/src/bpf_helper.cpp b/runtime/src/bpf_helper.cpp
@@ -3,6 +3,8 @@
  * Copyright (c) 2022, eunomia-bpf org
  * All rights reserved.
  */
+#include <stdexcept>
+#include <system_error>
 #if __APPLE__
 #include <cstdint>
 #include <pthread.h>
@@ -99,28 +101,34 @@ thread_local static void (*origin_segv_read_handler)(int, siginfo_t *,
 thread_local static void (*origin_segv_write_handler)(int, siginfo_t *,
 						      void *) = nullptr;
 
-
 static void segv_read_handler(int sig, siginfo_t *siginfo, void *ctx)
 {
-	SPDLOG_TRACE("segv_handler for probe_read called");
+	SPDLOG_INFO("segv_handler for probe_read called");
 	if (status_probe_read == PROBE_STATUS::NOT_RUNNING) {
-		if (origin_segv_read_handler) {
+		SPDLOG_INFO("segv_handler for probe_read called 2");
+		if (origin_segv_read_handler != nullptr) {
 			origin_segv_read_handler(sig, siginfo, ctx);
 		} else {
-			abort();
+			SPDLOG_INFO("segv_handler for probe_read called 3");
+			throw std::runtime_error(
+				"segv_handler for probe_read called");
 		}
 	} else if (status_probe_read == PROBE_STATUS::RUNNING_NO_ERROR) {
 		// set status to error
 		auto uctx = (ucontext_t *)ctx;
-		auto *rip = (uintptr_t *)(&uctx->uc_mcontext.gregs[REG_RIP]);
+		auto *rip = (greg_t *)(&uctx->uc_mcontext.gregs[REG_RIP]);
 		status_probe_read = PROBE_STATUS::RUNNING_ERROR;
-		*rip = (uintptr_t)&jump_point_read;
+		*rip = (greg_t)&jump_point_read;
 	}
 }
 
-int64_t bpftime_probe_read(uint64_t dst, uint64_t size, uint64_t ptr, uint64_t,
+int64_t bpftime_probe_read(uint64_t dst, int64_t size, uint64_t ptr, uint64_t,
 			   uint64_t)
 {
+	if (size < 0) {
+		SPDLOG_ERROR("Invalid size: {}", size);
+		return -EFAULT;
+	}
 	int64_t ret = 0;
 
 #ifdef ENABLE_PROBE_READ_CHECK
@@ -189,15 +197,19 @@ static void segv_write_handler(int sig, siginfo_t *siginfo, void *ctx)
 	} else if (status_probe_write == PROBE_STATUS::RUNNING_NO_ERROR) {
 		// set status to error
 		auto uctx = (ucontext_t *)ctx;
-		auto *rip = (uintptr_t *)(&uctx->uc_mcontext.gregs[REG_RIP]);
+		auto *rip = (greg_t *)(&uctx->uc_mcontext.gregs[REG_RIP]);
 		status_probe_write = PROBE_STATUS::RUNNING_ERROR;
-		*rip = (uintptr_t)&jump_point_write;
+		*rip = (greg_t)&jump_point_write;
 	}
 }
 
-int64_t bpftime_probe_write_user(uint64_t dst, uint64_t src, uint64_t len,
+int64_t bpftime_probe_write_user(uint64_t dst, uint64_t src, int64_t len,
 				 uint64_t, uint64_t)
 {
+	if (len < 0) {
+		SPDLOG_ERROR("Invalid len: {}", len);
+		return -EFAULT;
+	}
 	int64_t ret = 0;
 
 #ifdef ENABLE_PROBE_WRITE_CHECK

diff --git a/runtime/unit-test/test_probe.cpp b/runtime/unit-test/test_probe.cpp
@@ -3,35 +3,14 @@
 #include <cstdlib>
 #include <cstring>
 #include <unistd.h>
+#include <signal.h>
 
 extern "C" {
 
 uint64_t bpftime_probe_read(uint64_t dst, uint64_t size, uint64_t ptr, uint64_t,
 			    uint64_t);
 uint64_t bpftime_probe_write_user(uint64_t dst, uint64_t src, uint64_t len,
 				  uint64_t, uint64_t);
-
-// prepare for future use
-long bpftime_strncmp(const char *s1, uint64_t s1_sz, const char *s2);
-uint64_t bpftime_get_prandom_u32(void);
-uint64_t bpftime_ktime_get_coarse_ns(uint64_t, uint64_t, uint64_t, uint64_t,
-				     uint64_t);
-uint64_t bpf_ktime_get_coarse_ns(uint64_t, uint64_t, uint64_t, uint64_t,
-				 uint64_t);
-uint64_t bpftime_ktime_get_ns(uint64_t, uint64_t, uint64_t, uint64_t, uint64_t);
-uint64_t bpftime_get_current_pid_tgid(uint64_t, uint64_t, uint64_t, uint64_t,
-				      uint64_t);
-uint64_t bpf_get_current_uid_gid(uint64_t, uint64_t, uint64_t, uint64_t,
-				 uint64_t);
-uint64_t bpftime_get_current_comm(uint64_t buf, uint64_t size, uint64_t,
-				  uint64_t, uint64_t);
-uint64_t bpf_probe_read_str(uint64_t buf, uint64_t bufsz, uint64_t ptr,
-			    uint64_t, uint64_t);
-uint64_t bpftime_get_smp_processor_id();
-uint64_t bpftime_get_attach_cookie(uint64_t ctx, uint64_t, uint64_t, uint64_t,
-				   uint64_t);
-
-uint64_t bpftime_get_smp_processor_id();
 }
 
 TEST_CASE("Test bpftime_probe_read") // test for bpftime_probe_read
@@ -46,11 +25,13 @@ TEST_CASE("Test bpftime_probe_read") // test for bpftime_probe_read
 	for (size_t i = 0; i < len; i++) {
 		REQUIRE(dst[i] == src[i]);
 	}
-	ret = bpftime_probe_read((uint64_t)dst, size, (uint64_t)(nullptr), 0, 0);
+	ret = bpftime_probe_read((uint64_t)dst, size, (uint64_t)(nullptr), 0,
+				 0);
 	REQUIRE(ret == -EFAULT);
 
 	ret = 0;
-	ret = bpftime_probe_read((uint64_t)(nullptr), size, (uint64_t)(nullptr), 0, 0);
+	ret = bpftime_probe_read((uint64_t)(nullptr), size, (uint64_t)(nullptr),
+				 0, 0);
 	REQUIRE(ret == -EFAULT);
 }
 
@@ -59,20 +40,20 @@ TEST_CASE("Test bpftime_probe_write_user") // test for bpftime_probe_write_user
 	int dst[4] = { 0 };
 	int src[4] = { 1, 2, 3, 4 };
 	uint64_t size = sizeof(src);
-	int64_t ret = bpftime_probe_write_user((uint64_t)dst, (uint64_t)src, size,
-					   0, 0);
+	int64_t ret = bpftime_probe_write_user((uint64_t)dst, (uint64_t)src,
+					       size, 0, 0);
 	REQUIRE(ret == 0);
 	size_t len = 4;
 	for (size_t i = 0; i < len; i++) {
 		REQUIRE(dst[i] == src[i]);
 	}
 
-	ret = bpftime_probe_write_user((uint64_t)(nullptr), (uint64_t)(src), size,
-				       0, 0);
+	ret = bpftime_probe_write_user((uint64_t)(nullptr), (uint64_t)(src),
+				       size, 0, 0);
 	REQUIRE(ret == -EFAULT);
 
-	ret = bpftime_probe_write_user((uint64_t)dst, (uint64_t)(nullptr), size, 0,
-				       0);
+	ret = bpftime_probe_write_user((uint64_t)dst, (uint64_t)(nullptr), size,
+				       0, 0);
 	REQUIRE(ret == -EFAULT);
 
 	void *dst1 = (void *)(dst);
@@ -83,4 +64,23 @@ TEST_CASE("Test bpftime_probe_write_user") // test for bpftime_probe_write_user
 	for (size_t i = 0; i < len; i++) {
 		REQUIRE(((int *)dst1)[i] == ((int *)src1)[i]);
 	}
+}
+
+TEST_CASE("Test Probe read/write size valid or not ")
+{
+	int dst[4] = { 0 };
+	int src[4] = { 1, 2, 3, 4 };
+	uint64_t size = sizeof(src);
+	int64_t ret =
+		bpftime_probe_read((uint64_t)dst, -1, (uint64_t)src, 0, 0);
+	REQUIRE(ret == -EFAULT);
+	ret = bpftime_probe_write_user((uint64_t)dst, (uint64_t)src, -1, 0, 0);
+	REQUIRE(ret == -EFAULT);
+	ret = bpftime_probe_read((uint64_t)dst, -1, (uint64_t)(nullptr), 0, 0);
+	REQUIRE(ret == -EFAULT);
+	ret = bpftime_probe_read((uint64_t)dst, size, (uint64_t)(src), 0, 0);
+	REQUIRE(ret == 0);
+	for (size_t i = 0; i < 4; i++) {
+		REQUIRE(dst[i] == src[i]);
+	}
 }