libbpf-tools: Fix misaligned pointer accesses in opensnoop

The perf buffer in opensnoop doesn't maintain 8 byte alignment for ts and callers in struct event. When building with " -fsanitize=alignment -fsanitize-trap=undefined" failures happen in handle_event. Fix these by copying the event from the perf buffer before accessing. This is similar to a fix in exitsnoop where different ways to handle misaligned pointers were discussed: iovisor#4760 Signed-off-by: Ian Rogers <[email protected]>
dkruces · Nov 28, 2024 · f7aeff3 · f7aeff3
1 parent 09f8b78
commit f7aeff3
Showing 1 changed file with 17 additions and 10 deletions.
diff --git a/libbpf-tools/opensnoop.c b/libbpf-tools/opensnoop.c
@@ -201,7 +201,7 @@ static void sig_int(int signo)
 
 void handle_event(void *ctx, int cpu, void *data, __u32 data_sz)
 {
-	const struct event *e = data;
+	struct event e;
 	struct tm *tm;
 #ifdef USE_BLAZESYM
 	sym_src_cfg cfgs[] = {
@@ -216,25 +216,32 @@ void handle_event(void *ctx, int cpu, void *data, __u32 data_sz)
 	time_t t;
 	int fd, err;
 
+	if (data_sz < sizeof(e)) {
+   	   	printf("Error: packet too small\n");
+   	   	return;
+	}
+	/* Copy data as alignment in the perf buffer isn't guaranteed. */
+	memcpy(&e, data, sizeof(e));
+
 	/* name filtering is currently done in user space */
-	if (env.name && strstr(e->comm, env.name) == NULL)
+	if (env.name && strstr(e.comm, env.name) == NULL)
 		return;
 
 	/* prepare fields */
 	time(&t);
 	tm = localtime(&t);
 	strftime(ts, sizeof(ts), "%H:%M:%S", tm);
-	if (e->ret >= 0) {
-		fd = e->ret;
+	if (e.ret >= 0) {
+		fd = e.ret;
 		err = 0;
 	} else {
 		fd = -1;
-		err = - e->ret;
+		err = - e.ret;
 	}
 
 #ifdef USE_BLAZESYM
 	if (env.callers)
-		result = blazesym_symbolize(symbolizer, cfgs, 1, (const uint64_t *)&e->callers, 2);
+		result = blazesym_symbolize(symbolizer, cfgs, 1, (const uint64_t *)&e.callers, 2);
 #endif
 
 	/* print output */
@@ -244,16 +251,16 @@ void handle_event(void *ctx, int cpu, void *data, __u32 data_sz)
 		sps_cnt += 9;
 	}
 	if (env.print_uid) {
-		printf("%-7d ", e->uid);
+		printf("%-7d ", e.uid);
 		sps_cnt += 8;
 	}
-	printf("%-6d %-16s %3d %3d ", e->pid, e->comm, fd, err);
+	printf("%-6d %-16s %3d %3d ", e.pid, e.comm, fd, err);
 	sps_cnt += 7 + 17 + 4 + 4;
 	if (env.extended) {
-		printf("%08o ", e->flags);
+		printf("%08o ", e.flags);
 		sps_cnt += 9;
 	}
-	printf("%s\n", e->fname);
+	printf("%s\n", e.fname);
 
 #ifdef USE_BLAZESYM
 	for (i = 0; result && i < result->size; i++) {