diff options
| author | tongzongzhen <[email protected]> | 2024-10-18 15:08:01 +0800 |
|---|---|---|
| committer | tongzongzhen <[email protected]> | 2024-10-18 15:08:01 +0800 |
| commit | 549c0eb404b189bca71f07d07ca5772b1aa0eab8 (patch) | |
| tree | bf47bf72d8ce59e16f2a349a2779a0ada444d4f7 | |
| parent | 358be31c7e4e4561e121729d9a6c604731a7063a (diff) | |
verify bpf expr in telemetry
| -rw-r--r-- | include/job_ctx.h | 3 | ||||
| -rw-r--r-- | src/job_ctx.c | 23 |
2 files changed, 25 insertions, 1 deletions
diff --git a/include/job_ctx.h b/include/job_ctx.h index 95febb7..9d6410a 100644 --- a/include/job_ctx.h +++ b/include/job_ctx.h @@ -19,4 +19,5 @@ void telemetry_job_add_cb(const char * table_name, const char * key, const char void telemetry_job_del_cb(const char * table_name, void ** ad, long argl, void * argp); void telemetry_job_uuid_get(job_bitmap_t job_id, unsigned char * uu); -void job_desc_dump(const struct dp_trace_job_desc * desc);
\ No newline at end of file +void job_desc_dump(const struct dp_trace_job_desc * desc); +int is_valid_bpf_expression(const char * expr);
\ No newline at end of file diff --git a/src/job_ctx.c b/src/job_ctx.c index 45e1354..51c3c7f 100644 --- a/src/job_ctx.c +++ b/src/job_ctx.c @@ -6,6 +6,7 @@ #include <MESA/maat.h> #include <cjson/cJSON.h> +#include <pcap.h> #include <stdlib.h> #include <string.h> @@ -85,6 +86,13 @@ void telemetry_job_add_cb(const char * table_name, const char * key, const char return; } + int valid_bpf_expr = is_valid_bpf_expression(job_desc->bpf_expr); + if (valid_bpf_expr < 0) + { + dzlog_info("not a valid bpf expr: %s", job_desc->bpf_expr); + return; + } + int index = telemetry_unused_job_index_get(); if (index < 0) { @@ -193,4 +201,19 @@ void job_desc_dump(const struct dp_trace_job_desc * desc) } len += snprintf(traffic_link_id_str + len, sizeof(traffic_link_id_str) - len, "%s", "]"); dzlog_info(" traffic_link_ids:%s", traffic_link_id_str); +} + +int is_valid_bpf_expression(const char * expr) +{ + int ret = 0; + pcap_t * pcap_handle = NULL; + struct bpf_program fp = {}; + + pcap_handle = pcap_open_dead(DLT_EN10MB, 65535); + if (pcap_compile(pcap_handle, &fp, expr, 0, PCAP_NETMASK_UNKNOWN) < 0) + { + dzlog_info("pcap_compile execution failed: %s", pcap_geterr(pcap_handle)); + ret = -1; + } + return ret; }
\ No newline at end of file |