Bound offsets to make 4.14 verifier happy

Signed-off-by: Dom Del Nano <ddelnano@gmail.com>

Author: ddelnano

src/stirling/source_connectors/socket_tracer/bcc_bpf/go_http2_trace.c

@@ -147,9 +147,9 @@ static __inline int32_t get_fd_from_http_http2Framer(const void* framer_ptr,
   // moving forward it uses a conn member (net.Conn interface) instead.
   if (inner_intf_offset == -1) {
     inner_intf_offset = symaddrs->http2bufferedWriter_conn_offset;
-    REQUIRE_SYMADDR(inner_intf_offset, kInvalidFD);
     conn_intf = true;
   }
+  REQUIRE_SYMADDR(inner_intf_offset, kInvalidFD);
 
   struct go_interface io_writer_interface;
   BPF_PROBE_READ_VAR(io_writer_interface, framer_ptr + symaddrs->http2Framer_w_offset);

src/stirling/source_connectors/socket_tracer/bcc_bpf/go_trace_common.h

@@ -174,13 +174,21 @@ static __inline int32_t get_fd_from_conn_intf_core(struct go_interface conn_intf
   REQUIRE_SYMADDR(symaddrs->FD_Sysfd_offset, kInvalidFD);
 
   if (conn_intf.type == symaddrs->internal_syscallConn) {
+    // TODO(ddelnano): This can be dropped when 4.14 kernel support is dropped.
+    if (symaddrs->syscallConn_conn_offset < 0 || symaddrs->syscallConn_conn_offset > 1024) {
+      return kInvalidFD;
+    }
     REQUIRE_SYMADDR(symaddrs->syscallConn_conn_offset, kInvalidFD);
     const int kSyscallConnConnOffset = 0;
     bpf_probe_read(&conn_intf, sizeof(conn_intf),
                    conn_intf.ptr + symaddrs->syscallConn_conn_offset);
   }
 
   if (conn_intf.type == symaddrs->tls_Conn) {
+    // TODO(ddelnano): This can be dropped when 4.14 kernel support is dropped.
+    if (symaddrs->tlsConn_conn_offset < 0 || symaddrs->tlsConn_conn_offset > 1024) {
+      return kInvalidFD;
+    }
     REQUIRE_SYMADDR(symaddrs->tlsConn_conn_offset, kInvalidFD);
     bpf_probe_read(&conn_intf, sizeof(conn_intf), conn_intf.ptr + symaddrs->tlsConn_conn_offset);
   }