From cd5f5ed2a545040b24c7a0dbffc8c0a139a75374 Mon Sep 17 00:00:00 2001
From: xfoukas <xefouk@microsoft.com>
Date: Sun, 19 Feb 2023 19:17:43 +0000
Subject: [PATCH 1/2] Example with invalid access beyond shared region

Signed-off-by: xfoukas <xefouk@microsoft.com>
---
 src/invalid_map_access.c | 64 ++++++++++++++++++++++++++++++++++++++++
 1 file changed, 64 insertions(+)
 create mode 100644 src/invalid_map_access.c

diff --git a/src/invalid_map_access.c b/src/invalid_map_access.c
new file mode 100644
index 0000000..ab751cd
--- /dev/null
+++ b/src/invalid_map_access.c
@@ -0,0 +1,64 @@
+typedef unsigned short uint16_t;
+typedef unsigned int uint32_t;
+typedef unsigned long uint64_t;
+
+typedef struct bpf_map_def {
+    uint32_t type;
+    uint32_t key_size;
+    uint32_t value_size;
+    uint32_t max_entries;
+    uint32_t map_flags;
+    uint32_t inner_map_idx;
+    uint32_t numa_node;
+} bpf_map_def_t;
+#define BPF_MAP_TYPE_ARRAY 2
+
+typedef struct _t_prb_hist {
+    uint32_t rnti;
+    uint32_t prb_size;
+    uint32_t cnt;
+} t_prb_hist;
+
+typedef struct _t_mcs_hist {
+    uint32_t rnti;
+    uint32_t mcs;
+    uint32_t cnt;
+} t_mcs_hist;
+
+typedef struct _dl_config_stats {
+    uint64_t timestamp;
+    uint32_t cell_id;
+    uint32_t msg_id;
+    uint16_t l1_dlc_prb_hist_count;
+    t_prb_hist l1_dlc_prb_hist[70];
+    uint16_t l1_dlc_mcs_hist_count;
+    t_mcs_hist l1_dlc_mcs_hist[15];
+} dl_config_stats;
+
+__attribute__((section("maps"), used))
+bpf_map_def_t map =
+    {.type = BPF_MAP_TYPE_ARRAY,
+     .key_size = sizeof(int),
+     .value_size = sizeof(dl_config_stats),
+     .max_entries = 1};
+
+static void* (*bpf_map_lookup_elem)(bpf_map_def_t* map, void* key) = (void*) 1;
+
+int func(void* ctx)
+{
+  uint32_t key = 1;
+
+  dl_config_stats *tmp;
+  tmp = (dl_config_stats *)bpf_map_lookup_elem(&map, &key);
+  if (!tmp)
+    return 0;
+
+  uint16_t ind = tmp->l1_dlc_prb_hist_count;
+  if (ind < sizeof(tmp->l1_dlc_prb_hist) / sizeof(tmp->l1_dlc_prb_hist[0])) {
+    tmp->l1_dlc_prb_hist[ind].cnt = tmp->l1_dlc_prb_hist_count;
+  } else {
+    tmp->l1_dlc_prb_hist[100000].cnt = 10;
+  }
+
+  return ind;
+}

From ea161669a142a7ae38322b2d089806a323b605c5 Mon Sep 17 00:00:00 2001
From: xfoukas <xefouk@microsoft.com>
Date: Sun, 19 Feb 2023 19:26:42 +0000
Subject: [PATCH 2/2] Added bytecode for invalid shared region access example

Signed-off-by: xfoukas <xefouk@microsoft.com>
---
 build/invalid_map_access.o | Bin 0 -> 968 bytes
 1 file changed, 0 insertions(+), 0 deletions(-)
 create mode 100644 build/invalid_map_access.o

diff --git a/build/invalid_map_access.o b/build/invalid_map_access.o
new file mode 100644
index 0000000000000000000000000000000000000000..d9b61c37bf88c74999d11ea21d86692fe60a690d
GIT binary patch
literal 968
zcmbtSze~eV5WZAv>kqINg&+<pNVg#9=n#r^3OKmAg!oz|kW^`6(aA1?ql@6+AWro!
z=-7Y9)ybt0@9y2RZ3Gts?|paQeRuaR@7*=Lqk?6D`7HQ?v1eF-a$#({Y`RcF<p9N`
zSL>sU=;0d&p@jNTmSuLX*gb}c8VWzqa#*t#*a|BZ#vLd^gLKljhPZ_O@)n0dSsQE=
zVTQ4U^<IvvFhCtuQlfj(a-cG^xNO{{wM71g8s~lTY?DflodUd0l4zd@|B&Oi(Xa9;
zbf7PBns$XxrU^Y2z^26MtVLc<rxiJA>n4RbxJqaPCyKhUA2getB)ow0>$ZZh-3_9!
z>0{Urlxii3qrgehP8ysc-o}Jpy}s-3YuJ-U|AYg~*Eca;=v{vH=`{W84roS_&gFEj
z_~w6^aM>7wlsk{h72m+K^w+OS*Qd8&@(sU;97*#td`Ka4FXB$zm}XWf*UK&udYaLD
fU-}FD%x8R~Jw$`fmH)~je3SsW^p4H>ZQ;KG7-v4F

literal 0
HcmV?d00001