Validate IOCTL header length

[dthaler]

Description

Validate the header.length passed to various requests.

Also add one test case that's part of #1139

Testing

Includes updated tests.

Documentation

No impact.

[codecov]

Codecov Report

Merging #1256 (935540e) into main (025639b) will decrease coverage by 0.00%.
The diff coverage is 86.84%.

❗ Current head 935540e differs from pull request most recent head 57cc13f. Consider uploading reports for the commit 57cc13f to get more accurate results

@@            Coverage Diff             @@
##             main    #1256      +/-   ##
==========================================
- Coverage   88.04%   88.04%   -0.01%     
==========================================
  Files         101      101              
  Lines       17488    17546      +58     
==========================================
+ Hits        15397    15448      +51     
- Misses       2091     2098       +7     

Impacted Files	Coverage Δ
libs/execution_context/ebpf_core.c	91.21% <80.00%> (-0.49%)	⬇️
...ution_context/unit/execution_context_unit_test.cpp	98.86% <92.68%> (-0.24%)	⬇️
tests/end_to_end/test_helper.cpp	89.36% <0.00%> (+0.33%)	⬆️

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update a1b36d5...57cc13f. Read the comment docs.

[shankarseal]

Why not add safe add for the IOCTL processing as well?

[dthaler]

Why not add safe add for the IOCTL processing as well?

I don't understand your question, can you elaborate?
Also since you commented without approving, does that mean you want some change before merging?

[shankarseal]

Why not add safe add for the IOCTL processing as well?

I don't understand your question, can you elaborate? Also since you commented without approving, does that mean you want some change before merging?

What I meant to ask is, is ebpf_safe_size_t_add/multiply not required in similar IOCTL processing code? Such as line 324 in ebpf_core.c ?

[dthaler]

Why not add safe add for the IOCTL processing as well?

I don't understand your question, can you elaborate? Also since you commented without approving, does that mean you want some change before merging?

What I meant to ask is, is ebpf_safe_size_t_add/multiply not required in similar IOCTL processing code? Such as line 324 in ebpf_core.c ?

@shankarseal that particular line does not need it because request->header.length is only 16 bits, so maxes out at 65535. That means count_of_helpers is at most 16383 which means line 324 cannot possibly overflow.