From 25feca9f644693cbe42a662bdc3cb61862819d46 Mon Sep 17 00:00:00 2001 From: yangyongguang Date: Thu, 2 Jan 2025 19:17:40 +0800 Subject: [PATCH] fix strdup relative error --- src/common/core_btf.c | 3 + src/common/json_tool.cpp | 9 +++ src/lib/probe/probe_mng.c | 25 +++++--- src/lib/probe/snooper.c | 61 ++++++++++++++----- .../ebpf.probe/src/endpointprobe/endpoint.c | 11 ++-- .../extends/ebpf.probe/src/ioprobe/ioprobe.c | 10 +++ .../ebpf.probe/src/l7probe/conn_tracker.c | 9 +++ .../extends/ebpf.probe/src/l7probe/l7probe.c | 4 ++ .../extends/ebpf.probe/src/lib/conntrack.c | 12 ++++ .../extends/ebpf.probe/src/lib/symbol.c | 17 +++++- .../ebpf.probe/src/tcpprobe/tcp_tracker.c | 15 +++-- 11 files changed, 138 insertions(+), 38 deletions(-) diff --git a/src/common/core_btf.c b/src/common/core_btf.c index ce7c67c5..f8afa936 100644 --- a/src/common/core_btf.c +++ b/src/common/core_btf.c @@ -60,6 +60,9 @@ int ensure_core_btf(struct bpf_object_open_opts* opts) } opts->btf_custom_path = strdup(btf_file); + if (!opts->btf_custom_path) { + return -1; + } return 0; } diff --git a/src/common/json_tool.cpp b/src/common/json_tool.cpp index d5cf52fe..96fceb90 100644 --- a/src/common/json_tool.cpp +++ b/src/common/json_tool.cpp @@ -148,10 +148,16 @@ struct key_value_pairs* Json_GetKeyValuePairs(const void *jsonObj) for (Json::ValueConstIterator it = jsObj.begin(); it != jsObj.end(); ++it) { auto& kv = kv_pairs->kv_pairs[kv_pairs->len]; kv.key = strdup(it.name().c_str()); + if (!kv.key) { + goto err; + } kv.valuePtr = (void *)(&(*it)); ++kv_pairs->len; } return kv_pairs; +err: + Json_DeleteKeyValuePairs(kv_pairs); + return nullptr; } void Json_DeleteKeyValuePairs(struct key_value_pairs *kv_pairs) @@ -307,5 +313,8 @@ char *Json_PrintUnformatted(void *jsonObj) Json::FastWriter writer; std::string strJson = writer.write(*jsObj); char *res = strdup(strJson.c_str()); + if (!res) { + return nullptr; + } return res; } diff --git a/src/lib/probe/probe_mng.c b/src/lib/probe/probe_mng.c index 24027ce9..d0713788 100644 --- a/src/lib/probe/probe_mng.c +++ b/src/lib/probe/probe_mng.c @@ -35,7 +35,7 @@ #include "json_tool.h" #include "probe_mng.h" -static void init_probe_bin(struct probe_s *probe, enum probe_type_e probe_type); +static int init_probe_bin(struct probe_s *probe, enum probe_type_e probe_type); struct probe_define_s probe_define[] = { {"baseinfo", "system_infos", PROBE_BASEINFO, SNOOPER_TYPE_ALL, ENABLE_BASEINFO}, @@ -359,6 +359,9 @@ static struct probe_s* new_probe(const char* name, enum probe_type_e probe_type) memset(probe, 0, sizeof(struct probe_s)); probe->name = strdup(name); + if (!probe->name) { + goto err; + } ret = pthread_rwlock_init(&probe->rwlock, NULL); if (ret) { @@ -376,7 +379,10 @@ static struct probe_s* new_probe(const char* name, enum probe_type_e probe_type) probe->fifo->probe = probe; probe->probe_type = probe_type; probe->snooper_type = probe_define[probe_type - 1].snooper_type; - init_probe_bin(probe, probe_type); + ret = init_probe_bin(probe, probe_type); + if (ret) { + goto err; + } set_default_params(probe); ret = attach_probe_fd(g_probe_mng, probe); @@ -439,13 +445,16 @@ end: return ret; } -static void init_probe_bin(struct probe_s *probe, enum probe_type_e probe_type) +static int init_probe_bin(struct probe_s *probe, enum probe_type_e probe_type) { if (probe_type >= PROBE_TYPE_MAX) { - return; + return -1; } probe->bin = strdup(probe_define[probe_type - 1].bin); + if (!probe->bin) { + return -1; + } if (is_extend_probe(probe)) { probe->is_extend_probe = 1; @@ -453,13 +462,13 @@ static void init_probe_bin(struct probe_s *probe, enum probe_type_e probe_type) } else { int ret = set_probe_entry(probe); if (ret) { - return; + return -1; } probe->is_extend_probe = 0; probe->cb = native_probe_thread_cb; } - return; + return 0; } static int get_probe_pid(struct probe_s *probe) @@ -703,7 +712,6 @@ static int probe_parser_cmd(struct probe_s *probe, const void *item) static void probe_backup_cmd(struct probe_s *probe, struct probe_s *probe_backup) { - probe_backup->bin = probe->bin ? strdup(probe->bin) : NULL; probe_backup->is_extend_probe = probe->is_extend_probe; probe_backup->probe_entry = probe->probe_entry; probe_backup->cb = probe->cb; @@ -716,9 +724,6 @@ static void probe_rollback_cmd(struct probe_s *probe, struct probe_s *probe_back free(probe->bin); } - probe->bin = probe_backup->bin; - probe_backup->bin = NULL; - probe->is_extend_probe = probe_backup->is_extend_probe; probe->probe_entry = probe_backup->probe_entry; probe->cb = probe_backup->cb; diff --git a/src/lib/probe/snooper.c b/src/lib/probe/snooper.c index 15d3ad1d..476aa73e 100644 --- a/src/lib/probe/snooper.c +++ b/src/lib/probe/snooper.c @@ -149,9 +149,17 @@ static int add_snooper_conf_procname(struct probe_s *probe, (void)snprintf(snooper_conf->conf.app.comm, sizeof(snooper_conf->conf.app.comm), "%s", comm); if (cmdline && cmdline[0] != 0) { snooper_conf->conf.app.cmdline = strdup(cmdline); + if (!snooper_conf->conf.app.cmdline) { + free_snooper_conf(snooper_conf); + return -1; + } } if (dbgdir && dbgdir[0] != 0) { snooper_conf->conf.app.debuging_dir = strdup(dbgdir); + if (!snooper_conf->conf.app.debuging_dir) { + free_snooper_conf(snooper_conf); + return -1; + } } snooper_conf->type = SNOOPER_CONF_APP; @@ -733,7 +741,6 @@ void free_snooper_obj(struct snooper_obj_s* snooper_obj) (void)free(snooper_obj->obj.con_info.libssl_path); } } - (void)free(snooper_obj); snooper_obj = NULL; } @@ -970,20 +977,37 @@ static int add_snooper_obj_con_info(struct probe_s *probe, struct con_info_s *co DEBUG("[SNOOPER] Adding container %s to snooper obj\n", con_info->con_id ?:"unknown"); snooper_obj->type = SNOOPER_OBJ_CON; snooper_obj->obj.con_info.cpucg_inode = con_info->cpucg_inode; - if (con_info->con_id) { + if (con_info->con_id[0] != 0) { snooper_obj->obj.con_info.con_id = strdup(con_info->con_id); + if (!snooper_obj->obj.con_info.con_id) { + goto err; + } } - if (probe->probe_type == PROBE_SLI && con_info->container_name) { + if (probe->probe_type == PROBE_SLI && (!con_info->container_name[0])) { snooper_obj->obj.con_info.container_name = strdup(con_info->container_name); + if (!snooper_obj->obj.con_info.container_name) { + goto err; + } } - if (probe->probe_type == PROBE_PROC && con_info->libc_path) { + if (probe->probe_type == PROBE_PROC && (!con_info->libc_path[0])) { snooper_obj->obj.con_info.libc_path = strdup(con_info->libc_path); + if (!snooper_obj->obj.con_info.libc_path) { + goto err; + } } - if (probe->probe_type == PROBE_L7 && con_info->libssl_path) { + if (probe->probe_type == PROBE_L7 && (!con_info->libssl_path[0])) { snooper_obj->obj.con_info.libssl_path = strdup(con_info->libssl_path); + if (!snooper_obj->obj.con_info.libssl_path) { + goto err; + } } probe->snooper_objs[pos] = snooper_obj; return 0; + +err: + WARN("add_snooper_obj_con_info add snooper obj failed !\n"); + free_snooper_obj(snooper_obj); + return -1; } static int gen_snooper_by_procname(struct probe_s *probe) @@ -1149,7 +1173,11 @@ static int gen_snooper_by_container_name(struct probe_s *probe) continue; } - (void)add_snooper_obj_con_info(probe, con_info); + if (add_snooper_obj_con_info(probe, con_info) == -1) { + WARN("[SNOOPER] Fail to add snooper to con info from container name %s\n", + con_info->con_id[0] == 0 ? "null" : con_info->con_id, snooper_conf->conf.container_name); + continue; + } } (void)pclose(f); } @@ -1179,7 +1207,11 @@ static int gen_snooper_by_container(struct probe_s *probe) free_con_id_list(con_id_list); return -1; } - (void)add_snooper_obj_con_info(probe, con_info); + if (add_snooper_obj_con_info(probe, con_info) == -1) { + WARN("[SNOOPER] Fail to add snooper to container info from container name %s\n", + con_info->con_id[0] == 0 ? "null" : con_info->con_id, snooper_conf->conf.container_name); + continue; + } } if (con_id_list) { @@ -1218,7 +1250,11 @@ static int gen_snooper_by_pod(struct probe_s *probe) free_con_id_list(con_id_list); return -1; } - (void)add_snooper_obj_con_info(probe, &con->con_info); + if (add_snooper_obj_con_info(probe, &con->con_info) == -1) { + WARN("[SNOOPER] Fail to add snooper to pod info from container name %s\n", + con->con_info.con_id[0] == 0 ? "null" : con->con_info.con_id, snooper_conf->conf.container_name); + continue; + } } } } @@ -1426,18 +1462,15 @@ static char __rcv_snooper_cgrp_exec_sub(struct probe_s *probe, struct con_info_s if (snooper_conf->type == SNOOPER_CONF_POD_ID) { if (con_info->pod_info_ptr->pod_id[0] != 0 && !strcasecmp(con_info->pod_info_ptr->pod_id, snooper_conf->conf.pod_id)) { - add_snooper_obj_con_info(probe, con_info); - snooper_obj_added = 1; + snooper_obj_added = add_snooper_obj_con_info(probe, con_info) == -1 ? 0 : 1; } } else if (snooper_conf->type == SNOOPER_CONF_CONTAINER_ID) { if (con_info->con_id[0] != 0 && !strcasecmp(con_info->con_id, snooper_conf->conf.container_id)) { - add_snooper_obj_con_info(probe, con_info); - snooper_obj_added = 1; + snooper_obj_added = add_snooper_obj_con_info(probe, con_info) == -1 ? 0: 1; } } else if (snooper_conf->type == SNOOPER_CONF_CONTAINER_NAME) { if (strstr((const char *)con_info->container_name, (const char *)(snooper_conf->conf.container_name)) != NULL) { - add_snooper_obj_con_info(probe, con_info); - snooper_obj_added = 1; + snooper_obj_added = add_snooper_obj_con_info(probe, con_info) == -1 ? 0 : 1; } } } diff --git a/src/probes/extends/ebpf.probe/src/endpointprobe/endpoint.c b/src/probes/extends/ebpf.probe/src/endpointprobe/endpoint.c index 616c639c..76fa6076 100644 --- a/src/probes/extends/ebpf.probe/src/endpointprobe/endpoint.c +++ b/src/probes/extends/ebpf.probe/src/endpointprobe/endpoint.c @@ -625,15 +625,16 @@ static int add_tcp_sock_evt(struct endpoint_probe_s * probe, struct tcp_socket_e ip_str(new_tcp->id.server_ipaddr.family, (unsigned char *)&(new_tcp->id.server_ipaddr.ip), server_ip_str, INET6_ADDRSTRLEN); new_tcp->client_ip = strdup((const char *)client_ip_str); new_tcp->server_ip = strdup((const char *)server_ip_str); + if (new_tcp->client_ip == NULL || new_tcp->server_ip == NULL) { + goto err; + } if (new_tcp->id.toa_client_ipaddr.family == AF_INET || new_tcp->id.toa_client_ipaddr.family == AF_INET6) { ip_str(new_tcp->id.toa_client_ipaddr.family, (unsigned char *)&(new_tcp->id.toa_client_ipaddr.ip), toa_client_ip_str, INET6_ADDRSTRLEN); new_tcp->toa_client_ip = strdup((const char *)toa_client_ip_str); + if (!new_tcp->toa_client_ip) { + goto err; + } } - - if (new_tcp->client_ip == NULL || new_tcp->server_ip == NULL) { - goto err; - } - H_ADD_KEYPTR(probe->tcps, &new_tcp->id, sizeof(struct tcp_socket_id_s), new_tcp); probe->tcp_socks_num++; return 0; diff --git a/src/probes/extends/ebpf.probe/src/ioprobe/ioprobe.c b/src/probes/extends/ebpf.probe/src/ioprobe/ioprobe.c index 3c508e72..b0123cfd 100644 --- a/src/probes/extends/ebpf.probe/src/ioprobe/ioprobe.c +++ b/src/probes/extends/ebpf.probe/src/ioprobe/ioprobe.c @@ -257,6 +257,7 @@ static void free_blk_cache(struct blk_cache_s *cache) } free(cache); + cache = NULL; return; } @@ -293,14 +294,23 @@ static struct blk_cache_s *add_blk_cache(struct blk_cache_s **caches, int major, if (dev_name[0] != 0) { new_cache->dev_name = strdup((const char *)dev_name); + if (!new_cache->dev_name) { + goto err; + } } if (disk_name[0] != 0) { new_cache->disk_name = strdup((const char *)disk_name); + if (!new_cache->disk_name) { + goto err; + } } H_ADD_KEYPTR(*caches, &new_cache->id, sizeof(struct blk_id_s), new_cache); return new_cache; +err: + free_blk_cache(new_cache); + return NULL; } static struct blk_cache_s *get_blk_cache(struct blk_tbl_s *tbl, int major, int minor) diff --git a/src/probes/extends/ebpf.probe/src/l7probe/conn_tracker.c b/src/probes/extends/ebpf.probe/src/l7probe/conn_tracker.c index 8b446a29..de991685 100644 --- a/src/probes/extends/ebpf.probe/src/l7probe/conn_tracker.c +++ b/src/probes/extends/ebpf.probe/src/l7probe/conn_tracker.c @@ -236,6 +236,10 @@ static struct l7_link_s* create_l7_link(const struct l7_link_id_s *id) ip_str(link->id.client_addr.family, (unsigned char *)&(link->id.client_addr.ip), ip, INET6_ADDRSTRLEN); if (ip[0] != 0) { link->client_ip = strdup((const char *)ip); + if (!link->client_ip) { + free(link); + return NULL; + } } } @@ -244,6 +248,11 @@ static struct l7_link_s* create_l7_link(const struct l7_link_id_s *id) ip_str(link->id.server_addr.family, (unsigned char *)&(link->id.server_addr.ip), ip, INET6_ADDRSTRLEN); if (ip[0] != 0) { link->server_ip = strdup((const char *)ip); + if (!link->server_ip) { + free(link->client_ip); + free(link); + return NULL; + } } } diff --git a/src/probes/extends/ebpf.probe/src/l7probe/l7probe.c b/src/probes/extends/ebpf.probe/src/l7probe/l7probe.c index cb6738f0..b8fee8ba 100644 --- a/src/probes/extends/ebpf.probe/src/l7probe/l7probe.c +++ b/src/probes/extends/ebpf.probe/src/l7probe/l7probe.c @@ -162,6 +162,10 @@ static int __add_libssl_prog(struct l7_mng_s *l7_mng, struct bpf_prog_s *prog, c if (l7_mng->bpf_progs.libssl_progs[i].prog == NULL) { l7_mng->bpf_progs.libssl_progs[i].prog = prog; l7_mng->bpf_progs.libssl_progs[i].libssl_path = strdup(libssl); + if (!l7_mng->bpf_progs.libssl_progs[i].libssl_path) { + l7_mng->bpf_progs.libssl_progs[i].prog = NULL; + return -1; + } return 0; } } diff --git a/src/probes/extends/ebpf.probe/src/lib/conntrack.c b/src/probes/extends/ebpf.probe/src/lib/conntrack.c index ead0f88c..6a43d845 100644 --- a/src/probes/extends/ebpf.probe/src/lib/conntrack.c +++ b/src/probes/extends/ebpf.probe/src/lib/conntrack.c @@ -113,6 +113,9 @@ static struct tcp_conntrack_s *parse_conntrack_tcp(const char *s) goto err; } conn_tcp->src = strdup((const char *)sub_str); + if (!conn_tcp->src) { + goto err; + } // parse conntrack tcp dst ip address p = strstr((const char *)s, "dst="); @@ -124,6 +127,9 @@ static struct tcp_conntrack_s *parse_conntrack_tcp(const char *s) goto err; } conn_tcp->dst = strdup((const char *)sub_str); + if (!conn_tcp->dst) { + goto err; + } // parse conntrack tcp src port p = strstr((const char *)p, "sport="); @@ -157,6 +163,9 @@ static struct tcp_conntrack_s *parse_conntrack_tcp(const char *s) goto err; } conn_tcp->reply_src = strdup((const char *)sub_str); + if (!conn_tcp->reply_src) { + goto err; + } // parse conntrack tcp reply dst ip address p = strstr((const char *)p, "dst="); @@ -168,6 +177,9 @@ static struct tcp_conntrack_s *parse_conntrack_tcp(const char *s) goto err; } conn_tcp->reply_dst = strdup((const char *)sub_str); + if (!conn_tcp->reply_src) { + goto err; + } // parse conntrack tcp reply src port p = strstr((const char *)p, "sport="); diff --git a/src/probes/extends/ebpf.probe/src/lib/symbol.c b/src/probes/extends/ebpf.probe/src/lib/symbol.c index 42270a36..8345769b 100644 --- a/src/probes/extends/ebpf.probe/src/lib/symbol.c +++ b/src/probes/extends/ebpf.probe/src/lib/symbol.c @@ -519,7 +519,7 @@ static int get_mod_type(struct mod_info_s* mod_info) return GET_MOD_TYPE; } -static void __do_get_mod_path_byname(struct mod_info_s* mod_info, int proc_id) +static int __do_get_mod_path_byname(struct mod_info_s* mod_info, int proc_id) { char *fmt = "/proc/%d/root%s"; char path[PATH_LEN]; @@ -527,7 +527,10 @@ static void __do_get_mod_path_byname(struct mod_info_s* mod_info, int proc_id) path[0] = 0; (void)snprintf(path, PATH_LEN, fmt, proc_id, mod_info->name); mod_info->path = strdup(path); - return; + if (!mod_info->path) { + return -1; + } + return 0; } #define IS_CONTAIN_STR(s, contain_s) (strstr(s, contain_s)) @@ -548,10 +551,15 @@ static int get_mod_path(struct mod_info_s* mod_info, int proc_id) } if (mod_info->type == MODULE_JVM) { mod_info->path = strdup(mod_info->name); + if (!mod_info->path) { + return -1; + } return 0; } if (!IS_BACKEND_MOD(mod_info->name)) { - __do_get_mod_path_byname(mod_info, proc_id); + if (__do_get_mod_path_byname(mod_info, proc_id) == -1) { + goto err; + } return 0; } @@ -572,6 +580,9 @@ static int get_mod_path(struct mod_info_s* mod_info, int proc_id) if (f_stat.st_ino == mod_info->inode) { mod_info->path = strdup(fd_file); + if (!mod_info->path) { + goto err; + } ret = 0; break; } diff --git a/src/probes/extends/ebpf.probe/src/tcpprobe/tcp_tracker.c b/src/probes/extends/ebpf.probe/src/tcpprobe/tcp_tracker.c index 79ed2320..959ed0e4 100644 --- a/src/probes/extends/ebpf.probe/src/tcpprobe/tcp_tracker.c +++ b/src/probes/extends/ebpf.probe/src/tcpprobe/tcp_tracker.c @@ -141,14 +141,14 @@ struct toa_socket_s *create_toa_sock(const struct toa_sock_id_s *id) return toa_sock; } +#define TCP_TRACKER_MAX (4 * 1024) static struct tcp_tracker_s* create_tcp_tracker(struct tcp_mng_s *tcp_mng, const struct tcp_tracker_id_s *id) { unsigned char src_ip_str[INET6_ADDRSTRLEN]; unsigned char dst_ip_str[INET6_ADDRSTRLEN]; unsigned char toa_src_ip_str[INET6_ADDRSTRLEN]; -#define __TCP_TRACKER_MAX (4 * 1024) - if (tcp_mng->tcp_tracker_count >= __TCP_TRACKER_MAX) { + if (tcp_mng->tcp_tracker_count >= TCP_TRACKER_MAX) { ERROR("[TCPPROBE]: Create 'tcp_tracker' failed(upper to limited).\n"); return NULL; } @@ -168,6 +168,9 @@ static struct tcp_tracker_s* create_tcp_tracker(struct tcp_mng_s *tcp_mng, const if (tracker->id.toa_famlily == AF_INET || tracker->id.toa_famlily == AF_INET6) { ip_str(tracker->id.toa_famlily, (unsigned char *)&(tracker->id.toa_c_ip), toa_src_ip_str, INET6_ADDRSTRLEN); tracker->toa_src_ip = strdup((const char *)toa_src_ip_str); + if (!tracker->toa_src_ip) { + goto err; + } } if (tracker->src_ip == NULL || tracker->dst_ip == NULL) { @@ -180,9 +183,7 @@ static struct tcp_tracker_s* create_tcp_tracker(struct tcp_mng_s *tcp_mng, const return tracker; err: - if (tracker) { - destroy_tcp_tracker(tracker); - } + destroy_tcp_tracker(tracker); return NULL; } @@ -395,6 +396,9 @@ struct tcp_tracker_s *get_tcp_tracker(struct tcp_mng_s *tcp_mng, const void *lin void destroy_tcp_tracker(struct tcp_tracker_s* tracker) { + if (!tracker) { + return; + } if (tracker->src_ip) { free(tracker->src_ip); } @@ -407,7 +411,6 @@ void destroy_tcp_tracker(struct tcp_tracker_s* tracker) free(tracker->toa_src_ip); } free(tracker); - return; } void destroy_tcp_trackers(struct tcp_mng_s *tcp_mng) -- Gitee