bad-bpf icon indicating copy to clipboard operation
bad-bpf copied to clipboard

verified publisher icon pathtofile

Metadata

A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29

Results 2 bad-bpf issues
Sort by recently updated
recently updated
newest added

initialize and check buffers with the correct maximum length

Thanks for sharing your great work on this. I noticed that the find/replace buffers were being initialized and checked with the filename_len_max value instead of the text_len_max value. This seems...

levilloyd avatar levilloyd

There are problems with the user-mode code in the pidhide

Maybe adding `bpf_program__set_autoattach(skel->progs.handle_getdents_patch, false);` before the code `err = pidhide_bpf__load(skel);` is a good choice? In my test, I found that function `handle_getdents_patch` will also be automatically mounted, not just called...

carl1l avatar carl1l

Metadata

580
Stars
84
Forks
Watchers

Owner

verified publisher icon pathtofile

Metadata

A collection of eBPF programs demonstrating bad behavior, presented at DEF CON 29

Back