diff --git a/tap/tlstapper/bpf/common.c b/tap/tlstapper/bpf/common.c index d7f42f91b..7bdf11c07 100644 --- a/tap/tlstapper/bpf/common.c +++ b/tap/tlstapper/bpf/common.c @@ -80,10 +80,6 @@ static __always_inline void send_chunk(struct pt_regs *ctx, __u8* buffer, __u64 } static __always_inline void output_ssl_chunk(struct pt_regs *ctx, struct ssl_info* info, int count_bytes, __u64 id, __u32 flags) { - if (count_bytes <= 0) { - return; - } - if (count_bytes > (CHUNK_SIZE * MAX_CHUNKS_PER_OPERATION)) { log_error(ctx, LOG_ERROR_BUFFER_TOO_BIG, id, count_bytes, 0l); return; diff --git a/tap/tlstapper/bpf/go_uprobes.c b/tap/tlstapper/bpf/go_uprobes.c index d06930918..aff9a8fca 100644 --- a/tap/tlstapper/bpf/go_uprobes.c +++ b/tap/tlstapper/bpf/go_uprobes.c @@ -93,6 +93,10 @@ static __always_inline void go_crypto_tls_uprobe(struct pt_regs *ctx, struct bpf info.buffer = (void*)GO_ABI_INTERNAL_PT_REGS_R4(ctx); info.fd = go_crypto_tls_get_fd_from_tcp_conn(ctx); + if (info.buffer_len <= 0) { + return; + } + // GO_ABI_INTERNAL_PT_REGS_GP is Goroutine address __u64 pid_fp = pid << 32 | GO_ABI_INTERNAL_PT_REGS_GP(ctx); long err = bpf_map_update_elem(go_context, &pid_fp, &info, BPF_ANY); diff --git a/tap/tlstapper/bpf/openssl_uprobes.c b/tap/tlstapper/bpf/openssl_uprobes.c index 2f5151da9..e4be354bd 100644 --- a/tap/tlstapper/bpf/openssl_uprobes.c +++ b/tap/tlstapper/bpf/openssl_uprobes.c @@ -101,6 +101,9 @@ static __always_inline void ssl_uretprobe(struct pt_regs *ctx, struct bpf_map_de } int count_bytes = get_count_bytes(ctx, &info, id); + if (count_bytes <= 0) { + return; + } output_ssl_chunk(ctx, &info, count_bytes, id, flags); } diff --git a/tap/tlstapper/go_offsets.go b/tap/tlstapper/go_offsets.go index 239b76bc2..ad79cfd32 100644 --- a/tap/tlstapper/go_offsets.go +++ b/tap/tlstapper/go_offsets.go @@ -112,7 +112,11 @@ func getOffsets(filePath string) (offsets map[string]*goExtendedOffset, err erro return } - syms, err := se.Symbols() + var syms []elf.Symbol + syms, err = se.Symbols() + if err != nil { + return + } for _, sym := range syms { offset := sym.Value @@ -147,7 +151,7 @@ func getOffsets(filePath string) (offsets map[string]*goExtendedOffset, err erro // collect the bytes of the symbol symBytes := textSectionData[symStartingIndex:symEndingIndex] - // disasemble the symbol + // disassemble the symbol var instructions []gapstone.Instruction instructions, err = engine.Disasm(symBytes, sym.Value, 0) if err != nil { diff --git a/tap/tlstapper/tls_tapper.go b/tap/tlstapper/tls_tapper.go index 70ca21ffa..578e28f36 100644 --- a/tap/tlstapper/tls_tapper.go +++ b/tap/tlstapper/tls_tapper.go @@ -161,14 +161,14 @@ func setupRLimit() error { } func (t *TlsTapper) tapSsllibPid(pid uint32, sslLibrary string, namespace string) error { - logger.Log.Infof("Tapping TLS (pid: %v) (sslLibrary: %v)", pid, sslLibrary) - newSsl := sslHooks{} if err := newSsl.installUprobes(&t.bpfObjects, sslLibrary); err != nil { return err } + logger.Log.Infof("Tapping TLS (pid: %v) (sslLibrary: %v)", pid, sslLibrary) + t.sslHooksStructs = append(t.sslHooksStructs, newSsl) t.poller.addPid(pid, namespace)