kprobes: Fix KRETPROBES when CONFIG_KRETPROBE_ON_RETHOOK is set
The recent kernel change in 73f9b91 ("kprobes: Use rethook for kretprobe
if possible") introduced a potential NULL pointer dereference bug in the
KRETPROBE mechanism. The official Kprobes documentation defines that "Any or
all handlers can be NULL". Unfortunately, there is a missing return handler
verification to fulfill these requirements, and this can result in a NULL
pointer dereference bug.

This patch adds such verification in the kretprobe_rethook_handler() function.

Fixes: 73f9b91 ("kprobes: Use rethook for kretprobe if possible")
Signed-off-by: Adam Zabrocki <[email protected]>
Signed-off-by: Daniel Borkmann <[email protected]>
Acked-by: Masami Hiramatsu <[email protected]>
Cc: Steven Rostedt <[email protected]>
Cc: Naveen N. Rao <[email protected]>
Cc: Anil S. Keshavamurthy <[email protected]>
Link: https://lore.kernel.org/bpf/[email protected]
Adam-pi3 authored and borkmann committed Apr 26, 2022
1 parent b02d196 commit 1d661ed
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion kernel/kprobes.c
Expand Up @@ -2126,7 +2126,7 @@ static void kretprobe_rethook_handler(struct rethook_node *rh, void *data,
struct kprobe_ctlblk *kcb;

/* The data must NOT be null. This means rethook data structure is broken. */
if (WARN_ON_ONCE(!data))
if (WARN_ON_ONCE(!data) || !rp->handler)
return;

__this_cpu_write(current_kprobe, &rp->kp);
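Review bot: the comment above the condition still describes only the `!data` case; now that the test also reads `|| !rp->handler`, extend it so the silent return for a NULL return handler reads as intended rather than as an oversight, e.g. `/* A NULL return handler is allowed by the kprobes API: nothing to do. */`. Keeping the handler test outside WARN_ON_ONCE() is right, since the commit message cites the documentation that a NULL handler is permitted and so must not warn, and returning before `__this_cpu_write(current_kprobe, &rp->kp)` means no per-CPU state is left set on the early-out path.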
