Commit 04999b99 authored Feb 09, 2026 by Amery Hung Committed by Alexei Starovoitov Feb 13, 2026

libbpf: Fix invalid write loop logic in bpf_linker__add_buf()

Fix bpf_linker__add_buf()'s logic of copying data from memory buffer into
memfd. In the event of short write not writing entire buf_sz bytes into memfd
file, we'll append bytes from the beginning of buf *again* (corrupting ELF
file contents) instead of correctly appending the rest of not-yet-read buf
contents.

Closes: https://github.com/libbpf/libbpf/issues/945


Fixes: 6d5e5e5d ("libbpf: Extend linker API to support in-memory ELF files")
Signed-off-by: Amery Hung <ameryhung@gmail.com>
Signed-off-by: Andrii Nakryiko <andrii@kernel.org>
Acked-by: Jiri Olsa <jolsa@kernel.org>
Link: https://lore.kernel.org/bpf/20260209230134.3530521-1-ameryhung@gmail.com


Signed-off-by: Alexei Starovoitov <ast@kernel.org>

parent 728ff167

tools/lib/bpf/linker.c

+1 −1

Original line number	Diff line number	Diff line
		@@ -581,7 +581,7 @@ int bpf_linker__add_buf(struct bpf_linker linker, void buf, size_t buf_sz,

		written = 0;
		while (written < buf_sz) {
		ret = write(fd, buf, buf_sz);
		ret = write(fd, buf + written, buf_sz - written);
		if (ret < 0) {
		ret = -errno;
		pr_warn("failed to write '%s': %s\n", filename, errstr(ret));