

Mark [r1-r5] as invalid on exit
Signed-off-by: Alan Jowett <[email protected]>
Alan Jowett committed May 7, 2024
1 parent da8be56 commit 2491e7d
Showing 1 changed file with 8 additions and 6 deletions.
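--- a/vm/ubpf_vm.c
+++ b/vm/ubpf_vm.c
@@ -542,13 +542,15 @@ ubpf_validate_shadow_register(const struct ubpf_vm* vm, uint16_t* shadow_registe
     if (inst.opcode == EBPF_OP_CALL) {
         // Mark the return address register as initialized.
         *shadow_registers |= 1 << 0;
-        // Mark r1-r5 as uninitialized.
-        *shadow_registers &= ~0x3e;
     }
 
-    if (inst.opcode == EBPF_OP_EXIT && !(*shadow_registers & (1 << 0))) {
-        vm->error_printf(stderr, "Error: Return address register r0 is not initialized.\n");
-        return false;
+    if (inst.opcode == EBPF_OP_EXIT) {
+        if (!(*shadow_registers & (1 << 0))) {
+            vm->error_printf(stderr, "Error: Return address register r0 is not initialized.\n");
+            return false;
+        }
+        // Mark r1-r5 as uninitialized.
+        *shadow_registers &= ~0x3e;
     }
 
     return true;
@@ -933,7 +935,7 @@ ubpf_exec(const struct ubpf_vm* vm, void* mem, size_t mem_len, uint64_t* bpf_ret
             }
             break;
         case EBPF_OP_JEQ32_REG:
-            if (u32(reg[inst.dst]) == reg[inst.src]) {
+            if (u32(reg[inst.dst]) == u32(reg[inst.src])) {
                 pc += inst.offset;
             }
             break;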
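Review bot: The relocated mask `*shadow_registers &= ~0x3e;` in the new EXIT branch is still a magic number; naming it, for example `#define SHADOW_REGS_R1_R5 0x3e /* bits 1..5 = r1-r5 */` (constructed name), would make the r1-r5 intent checkable instead of implied by the comment. Dropping the CALL-time invalidation also means a read of r1-r5 after a helper call now passes validation, which presumably reflects that this interpreter does not clobber those registers on a call; that reasoning deserves a comment in the CALL block, since the eBPF convention treats r1-r5 as caller-saved and a future reader will otherwise assume the check was lost by mistake. ubpf_validate_shadow_register starts before this hunk and its closing brace is outside it. In the second hunk the added `u32()` on `reg[inst.src]` fixes JEQ32_REG only; the other 32-bit register-compare cases are outside the hunk and would want checking for the same missing truncation.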

