From e00a73e30bd03ea03dd9e58489fbbeed569e9f52 Mon Sep 17 00:00:00 2001
From: Dave Thaler
Date: Tue, 15 Aug 2023 16:14:17 -0700
Subject: [PATCH] Fix memory issues in ebpfsvc
Signed-off-by: Dave Thaler
---
 .gitmodules | 1 -
 ebpfsvc/rpc_api.cpp | 19 +++++++++++++++++--
 external/ubpf | 2 +-
 libs/service/verifier_service.cpp | 2 +-
 4 files changed, 19 insertions(+), 5 deletions(-)
diff --git a/.gitmodules b/.gitmodules
index a9efb864fe..5a4f22f29a 100644
--- a/.gitmodules
+++ b/.gitmodules
@@ -4,7 +4,6 @@
 [submodule "external/ubpf"]
 path = external/ubpf
 url = https://github.com/iovisor/ubpf.git
- branch = memory
 [submodule "external/bpftool"]
 path = external/bpftool
 url = https://github.com/dthaler/bpftool-1.git
diff --git a/ebpfsvc/rpc_api.cpp b/ebpfsvc/rpc_api.cpp
index a4972149de..f55b4d1e61 100644
--- a/ebpfsvc/rpc_api.cpp
+++ b/ebpfsvc/rpc_api.cpp
@@ -23,10 +23,14 @@ ebpf_server_verify_and_load_program(
 if (info->instruction_count == 0) {
 return EBPF_INVALID_ARGUMENT;
 }
+ *logs = nullptr;
+ *logs_size = 0;
 // Set the handle of program being verified in thread-local storage.
 set_program_under_verification(reinterpret_cast(info->program_handle));
+ const char* ebpf_logs = nullptr;
+ uint32_t ebpf_logs_size = 0;
 result = ebpf_verify_and_load_program(
 &info->program_type,
 reinterpret_cast(info->program_handle),
@@ -36,8 +40,19 @@ ebpf_server_verify_and_load_program(
 info->handle_map,
 info->instruction_count,
 reinterpret_cast(info->instructions),
- const_cast(logs),
- logs_size);
+ &ebpf_logs,
+ &ebpf_logs_size);
+
+ if (ebpf_logs) {
+ // The ebpf_logs buffer was allocated by the ebpf allocator whereas we
+ // must return a string allocated by the MIDL allocator.
+ *logs = (char*)MIDL_user_allocate(ebpf_logs_size);
+ if (*logs) {
+ memcpy(*logs, ebpf_logs, ebpf_logs_size);
+ ebpf_free((void*)ebpf_logs);
+ *logs_size = ebpf_logs_size;
+ }
+ }
 ebpf_clear_thread_local_storage();
 return result;
diff --git a/external/ubpf b/external/ubpf
index 8be1cd8386..89b84c6fc4 160000
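Review bot: The new `*logs = nullptr;` and `*logs_size = 0;` in the first rpc_api.cpp hunk sit after the `instruction_count == 0` early return, so that exit (and any return above the hunk) leaves both out-parameters exactly as they arrived. Moving the two assignments to the top of ebpf_server_verify_and_load_program, ahead of all argument validation, gives every exit path the same defined output. Whether the RPC stub already zeroes these before the call is not visible here, so treat this as defensive ordering rather than a confirmed fault. The function begins above the hunk.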
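Review bot: In the second rpc_api.cpp hunk, `ebpf_logs` is never released when `MIDL_user_allocate` returns null, because `ebpf_free((void*)ebpf_logs);` is nested inside `if (*logs)`. A service that leaks verifier logs on every allocation failure loses more memory exactly when it is already under pressure, so the free should sit after the inner block and run on both outcomes. On that failure path `result` is still returned unchanged with no logs; if that is intended, say so in a comment such as `// Logs are best-effort: on allocation failure return the result without them.`. The function continues outside the hunk.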
--- a/external/ubpf
+++ b/external/ubpf
@@ -1 +1 @@
-Subproject commit 8be1cd838673ec264afdb58ad33268f241269dd1
+Subproject commit 89b84c6fc4d740b05e6bf7a19f6d2116b1469c7f
diff --git a/libs/service/verifier_service.cpp b/libs/service/verifier_service.cpp
index 4d736071fb..3d39597a2f 100644
--- a/libs/service/verifier_service.cpp
+++ b/libs/service/verifier_service.cpp
@@ -60,7 +60,7 @@ verify_byte_code(
 info.type = get_program_type_windows(*program_type);
 } catch (std::runtime_error e) {
 error << "error: " << e.what();
- *error_message = allocate_string(error.str());
+ *error_message = allocate_string(error.str(), error_message_size);
 return EBPF_VERIFICATION_FAILED;
 }
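Review bot: The size written through `error_message_size` on the changed line is undocumented, yet the rpc_api.cpp change in this same patch passes that value straight to `MIDL_user_allocate` and `memcpy`. Nothing visible here says whether it counts the terminating NUL, or what it holds when `allocate_string` fails. If the RPC out-parameter is marshalled as a string, a size that excludes the terminator would hand back an unterminated buffer. I would add a comment on this line such as `// error_message_size must include the terminating NUL; the RPC layer copies exactly this many bytes.` and confirm that `allocate_string` behaves that way. verify_byte_code starts and ends outside the hunk, so its other paths that set `*error_message` should be checked for the same size argument.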