bpf: fix missing error return in check_stack_boundary()
authorJann Horn <jannh@google.com>
Tue, 19 Dec 2017 04:11:57 +0000 (20:11 -0800)
committerDaniel Borkmann <daniel@iogearbox.net>
Thu, 21 Dec 2017 01:15:41 +0000 (02:15 +0100)
commitea25f914dc164c8d56b36147ecc86bc65f83c469
treeae74d60039bef82d303017c162822f4fa8ddbf02
parent468f6eafa6c44cb2c5d8aad35e12f06c240a812a
bpf: fix missing error return in check_stack_boundary()

Prevent indirect stack accesses at non-constant addresses, which would
permit reading and corrupting spilled pointers.

Fixes: f1174f77b50c ("bpf/verifier: rework value tracking")
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: Alexei Starovoitov <ast@kernel.org>
Signed-off-by: Daniel Borkmann <daniel@iogearbox.net>
kernel/bpf/verifier.c