search

rust-bpf / rust-bcc

user-friendly rust bindings for the bpf compiler collection
MIT License
475 stars 54 forks source link

`Table::new()` should be private or unsafe #192

Closed LegionMammal978 closed 2 years ago

LegionMammal978 commented 2 years ago

Table::new() can cause a segfault in safe code from dereferencing an arbitrary pointer. To illustrate:

/*
[dependencies]
bcc = "=0.0.32"
*/

use bcc::table::Table;
use std::os::raw::c_void;

fn main() {
    let p = &mut 0usize as *mut _ as *mut c_void;
    let mut table = Table::new(0, p);
    println!("{}", table.key_size());
}

The function should probably be marked unsafe, since the other methods in Table depend on p being a valid BPF module pointer. Alternatively, it should be private (or pub(crate)), since it's really only useful in BPF::table().

brayniac commented 2 years ago

Good find. I do believe the constructor should be restricted to crate level visibility.