[PATCH RFC] [5/9] modpost: Fix a buffer overflow in modpost

From: Andi Kleen
Date: Wed Nov 21 2007 - 21:45:01 EST



When passing a file name > 1k the stack could be overflowed.
Not really a security issue, but still better plugged.


---
scripts/mod/modpost.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)

Index: linux/scripts/mod/modpost.c
===================================================================
--- linux.orig/scripts/mod/modpost.c
+++ linux/scripts/mod/modpost.c
@@ -1656,7 +1656,6 @@ int main(int argc, char **argv)
{
struct module *mod;
struct buffer buf = { };
- char fname[SZ];
char *kernel_read = NULL, *module_read = NULL;
char *dump_write = NULL;
int opt;
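
Review bot: with `char fname[SZ];` removed from the top of main(), the changelog is the only record of the old limit, and it says "1k" where the code says SZ and does not name the write into fname that overflows. Suggest stating the limit as SZ and naming the offending call in the changelog, so a reader can confirm that every write to fname is covered by the new declaration inside the loop and that nothing outside the loop still refers to fname.
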
@@ -1709,6 +1708,8 @@ int main(int argc, char **argv)
err = 0;

for (mod = modules; mod; mod = mod->next) {
+ char fname[strlen(mod->name) + 10];
+
if (mod->skip)
continue;

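Review bot: in `char fname[strlen(mod->name) + 10];` at the top of the loop body, the 10 is an unexplained magic number, and the array still lives on the stack with a length taken from the input. The hunk does not show what gets appended to mod->name, so the size should be derived from that suffix (for example from its sizeof) or at least carry a comment saying what the 10 bytes cover. A variable-length array also has no failure path: a very long name still lands on the stack, so a heap allocation with a checked result, or a bounded write with a length check, would close the problem rather than move it. Minor: the declaration sits before the `if (mod->skip)` test, so strlen() runs for skipped modules as well.
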