Re: [PATCH] modpost: fix buffer overflow

From: Sam Ravnborg
Date: Thu Mar 16 2006 - 10:43:34 EST


On Thu, Mar 16, 2006 at 02:21:14PM +0100, Jiri Benc wrote:
> On Wed, 15 Mar 2006 23:51:59 +0100, Sam Ravnborg wrote:
> > Can I ask you to make a new patch where you change buf_printf() to use
> > buf_write. And then change buf_write to allocate in chunks also.
> > This would be the cleanest solution.
>
> This probably will be the cleanest solution, but I doubt it would be
> acceptable for 2.6.16. And I think the fix should go into 2.6.16.

Like this...

Sam

diff --git a/scripts/mod/modpost.c b/scripts/mod/modpost.c
index 30f3ac8..0b92ddf 100644
--- a/scripts/mod/modpost.c
+++ b/scripts/mod/modpost.c
@@ -923,19 +923,14 @@ void __attribute__((format(printf, 2, 3)

va_start(ap, fmt);
len = vsnprintf(tmp, SZ, fmt, ap);
- if (buf->size - buf->pos < len + 1) {
- buf->size += 128;
- buf->p = realloc(buf->p, buf->size);
- }
- strncpy(buf->p + buf->pos, tmp, len + 1);
- buf->pos += len;
+ buf_write(buf, tmp, len);
va_end(ap);
}

void buf_write(struct buffer *buf, const char *s, int len)
{
if (buf->size - buf->pos < len) {
- buf->size += len;
+ buf->size += len + SZ;
buf->p = realloc(buf->p, buf->size);
}
strncpy(buf->p + buf->pos, s, len);
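
Review bot: In buf_printf(), the len returned by vsnprintf(tmp, SZ, fmt, ap) goes straight into buf_write(buf, tmp, len) without being checked against SZ. vsnprintf returns the length the full output would have had, so when the formatted string is truncated, len is larger than what tmp actually holds, and it can be negative on error. Suggest bounding it before the call, for example "if (len < 0) len = 0; else if (len >= SZ) len = SZ - 1;". In buf_write(), the result of realloc() is assigned directly to buf->p with no NULL check, so a failed allocation loses the old pointer and the strncpy() that follows writes through NULL; a fatal error on failure would be safer. Also note that the removed code copied len + 1 bytes, so the terminating NUL was stored, whereas buf_write() copies exactly len; the changelog should state that users of buf->p must go by buf->pos and not expect a NUL-terminated string.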